On Fri, 8 Jun 2001 Bill_Royds@pch.gc.ca wrote: > When the fist ISP looses a $10 million lawsuit becuase it didn't do egrees > filtering and its servers were used for a DDoS attack, then egress filtering > will become standard. > But who is willing to start the suit? That's actually a difficult suit to try to bring: 1. Most ISPs aren't the one with server problems, their customers are, so that's not the transit provider's fault. 2. While the "Common Carrier" status hasn't been fully fleshed out, anything *other* than CC status for ISPs will make them lawsuit central, and that's so dangerous a precedent that it'd kill most Tier-2 providers. 3. If the originating ISP isn't your ISP, then they're simply handing frames to your ISP, who's the one responsible for delivering them to you. Since that's what you contracted for, and the ISP isn't the cause of the traffic, it's a difficult one to win. The attacker is the guilty party here, and blaming the victim might seem fun- but "she was asking for it, she was wearing a short patch kit" doesn't sit well with me. The first time anyone gets a good civil judgement against somone for not securing their servers, all the ambulance chasers will become packet chasers. I doubt many of us will be out celebrating after that happens. Now, sue the people causing the attacks in civil court for attacking innoncent victims, and you've got a precedent I can live with. If instead of getting chatty with them trying to play supersleuth, Gibson had fired up a lawyer with a couple of subpoenas and gotten the kids and their parents into a courtroom his story would have been more compelling. By this time, surely he can show losses and interruption of interstate commerce enough to have even gotten the Feds to help out. Paul ----------------------------------------------------------------------------- Paul D. Robertson "My statements in this message are personal opinions proberts@patriot.net which may have no basis whatsoever in fact." - [To unsubscribe, send mail to majordomo@lists.gnac.net with "unsubscribe firewalls" in the body of the message.]