Customer-facing ACLs
Chris Marlatt
cmarlatt at rxsec.com
Mon Mar 10 14:10:23 UTC 2008
Dave Pooser wrote:
>
> Do bots try brute force attacks on Telnet and FTP? All I see at my firewall
> are SSH attacks and spam. But sure, if there's a lot of Telnet abuse block
> 23 too; I think it's used about as rarely by "normal" customers as SSH is.
>
Depending on the ip space I find FTP brute force attacks 10 times more
common than SSH attacks. There really isn't a blanket rule you can impose.
On a different note, unless you clearly advertise that you're offering
filtered services I don't really find the practice ethical - and no a
tiny line in the TOS doesn't really cut it IMHO.
That doesn't mean it can't be done, simply spin the imposed ACL as a
value-add and that your customers are now on a "safer internet".
Regards,
Chris
More information about the NANOG
mailing list