hybrid approaches (Re: "Default" Internet Service)

• Previous message (by thread): hybrid approaches (Re: "Default" Internet Service)
• Next message (by thread): DDoS mitigation with BGP communities
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Edward B. Dreger wrote:

>Apologies for forking yet another thread from one which I myself
>have been largely ignoring.  AFAICT, though, most posts have
>shown little interest in combining different approaches:
>
>* Provide a "default" sandbox.
>
>* Allow unrestricted access -- perhaps after a quiz, perhaps when
>  a user activates a form.
>
>* Let IDS trigger sandbox mode.
>
>* Provide IDS-triggered-sandbox override for those who agree in
>  writing to <blah>.
>
>* Anyone in the IDS-proof class who spews filth deserves to be
>  fined.
>
>* Use different IP ranges for different service classes.  Flag in
>  rwhois, a special RRTYPE, or whatever suits one's fancy.  (This
>  assumes that providers could agree on a standard.)
>
>Perhaps no one tactic fixes everything.  Fine.  I readily admit
>that the above combination isn't a miracle cure.  But is there a
>moderate chance for improvement?  I think so.
>
>  
>
*applause*

Whilst I may not communicate it sometimes - this sums up all my thoughts 
on the matter quite neatly, you have my whole hearted support.

/ Mat

• Previous message (by thread): hybrid approaches (Re: "Default" Internet Service)
• Next message (by thread): DDoS mitigation with BGP communities
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]