hybrid approaches (Re: "Default" Internet Service)
Matthew Sullivan
matthew at sorbs.net
Tue Jun 15 03:46:57 UTC 2004
Edward B. Dreger wrote:
>Apologies for forking yet another thread from one which I myself
>have been largely ignoring. AFAICT, though, most posts have
>shown little interest in combining different approaches:
>
>* Provide a "default" sandbox.
>
>* Allow unrestricted access -- perhaps after a quiz, perhaps when
> a user activates a form.
>
>* Let IDS trigger sandbox mode.
>
>* Provide IDS-triggered-sandbox override for those who agree in
> writing to <blah>.
>
>* Anyone in the IDS-proof class who spews filth deserves to be
> fined.
>
>* Use different IP ranges for different service classes. Flag in
> rwhois, a special RRTYPE, or whatever suits one's fancy. (This
> assumes that providers could agree on a standard.)
>
>Perhaps no one tactic fixes everything. Fine. I readily admit
>that the above combination isn't a miracle cure. But is there a
>moderate chance for improvement? I think so.
>
>
>
*applause*
Whilst I may not communicate it sometimes - this sums up all my thoughts
on the matter quite neatly, you have my whole hearted support.
/ Mat
More information about the NANOG
mailing list