What do you want your ISP to block today?

Iljitsch van Beijnum iljitsch at muada.com
Sat Aug 30 06:33:54 UTC 2003


On zaterdag, aug 30, 2003, at 05:42 Europe/Amsterdam, Sean Donelan 
wrote:

> If you don't want to download patches from Microsoft, and don't want to
> pay McAfee, Symantec, etc for anti-virus software; should ISPs start
> charging people clean up fees when their computers get infected?

Only if it impacts the ISP, which it doesn't most of the time unless 
they buy an unfortunate brand of dial-up concentrators.

> Would you pay an extra $50/Mb a month for your ISP to operate a 
> firewall
> and scan your traffic for you?

No way. They have no business even looking at my traffic, let alone 
filtering it.

What would be great though is a system where there is an automatic 
check to see if there is any return traffic for what a customer sends 
out. If someone keeps sending traffic to the same destination without 
anything coming back, 99% chance that this is a denial of service 
attack. If someone sends traffic to very many destinations and in more 
than 50 or 75 % of the cases nothing comes back or just an ICMP port 
unreachable or TCP RST, 99% chance that this is a scan of some sort.




More information about the NANOG mailing list