What do you want your ISP to block today?
Rob Thomas
robt at cymru.com
Sat Aug 30 03:06:39 UTC 2003
Hi, NANOGers.
] > He added that ISPs have the view and ability to prevent en-masse
] > attacks. "All these attacks traverse their networks before they reach
] > you and me. If they would simply stop attack traffic that has been
] > identified and accepted as such, we'd all sleep better," Cooper said.
Oh, good gravy! I have a news flash for all of you "security experts"
out there: The Internet is not one, big, coordinated firewall with a
handy GUI, waiting for you to provide the filtering rules. How many
of you "experts" regularly sniff OC-48 and OC-192 backbones for all
those naughty packets? Do you really want ISPs to filter the mother
of all ports-of-pain, TCP 80?
Filter at the *EDGE* folks. You own your own networks; use and manage
them responsibly. If you need assistance, ASK. If you can't take on
the task, purchase bandwidth from providers who sell (yes, CHARGE YOU
MONEY) a filtering service.
Thanks,
Rob.
--
Rob Thomas
http://www.cymru.com
ASSERT(coffee != empty);
More information about the NANOG
mailing list