Port blocking last resort in fight against virus

• Previous message (by thread): Port blocking last resort in fight against virus
• Next message (by thread): Port blocking last resort in fight against virus
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Subject: Re: Port blocking last resort in fight against virus Date: Wed, Aug 13, 2003 at 09:57:56AM +0100 Quoting Stephen J. Wilcox (steve at telecomplete.co.uk):
 
> Sorry I see where you're coming from on this but firewalls are more than just 
> patches to broken OS's. 
> 
> In your world DoS traffic would be free to roam the networks as it pleased 
> without being throttled sensibly at ingress?

Providing one makes people responsible for what their boxes (not
aggregates of networks) cause, and enforces this, there will be no
DoS traffic; given a perfect world.

Even in an imperfect world, the solution lies in the edge, not even
the CPE, but the end node, if you want to do more than pathetic
bandaiding of the inherent problem of insecure applications on end
nodes.
 
-- 
Måns Nilsson         Systems Specialist
+46 70 681 7204         KTHNOC
                        MN1334-RIPE

My face is new, my license is expired, and I'm under a doctor's
care!!!!
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20030813/5958f93e/attachment.sig>

• Previous message (by thread): Port blocking last resort in fight against virus
• Next message (by thread): Port blocking last resort in fight against virus
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]