[Chapter-delegates] Net Stability
chapter-delegates at elists.isoc.org
chapter-delegates at elists.isoc.org
Fri May 12 01:39:12 PDT 2006
Narelle Clark wrote:
> http://www.lightbluetouchpaper.org/2006/04/07/when-firmware-attacks-ddos
> -by-d-link
>
> I recall seeing this before:
> http://www.cs.wisc.edu/~plonka/netgear-sntp/ gives a really lengthy
> account of other manufacturers and what befell the Australian national
> NTP server. I recall that had to be blocked at the carrier/IAP level.
>
Dear Narelle,
While I agree with you, this has nothing to do with RFC compliance, but
rather with an impolite behaviour and a bad implementation on the side
of Netgear and Dlink..
> Certifying Internet appliance and software?
>
> A darn good idea.
> Start at the latest RFC# and work backwards... There's a massive amount
> of non compliance! With some services/systems being more detrimental
> than others.
What compliance ? A practical example.One could most probably certify
Sendmail/Postfix/Exim, etc as being RFC compliant. But if the
implementation on my local system allows pre-greeting traffic, it breaks
RFC2821. But OK, I could tell my boss that I cannot be blamed, since I
am using a certified RFC compliant MTA.
As for starting with the latest RFCs, I have mixed feelings. The latest
ones may not be implemented yet. There are older and critical services
like SMTP and DNS where non-compliance is common (mostly because of
lousy admins) that need to be addressed first, IMHO. Rather than
certifying software, we should try to certify people or groups of people
(ie companies).
Best regards,
Patrick Vande Walle
More information about the Chapter-delegates
mailing list