Worms versus Bots
Matthew Crocker
matthew at crocker.com
Wed May 5 12:03:54 UTC 2004
>
> Its not manufacturers who did not caught up (in fact they did and offer
> very inexpensive personal dsl routers goes all the way to $20 range),
> its
> DSL providers who still offer free dsl modem (device at least twice
> more
> expensive then router) and free network card and complex and
> instructions
> on how to set this all up on each different type of pc. No clue at all
> that it would be only very marginally more expensive for them to
> integrate
> features of such small nat router into dsl modem and instead of
> offering
> PPPoverEthernet it could just offer NAT and DHCP and make it so much
> simpler
> for many of those lusers with only light computer skills to set this
> all up.
>
Agreed,
We require a NAT device or true firewall on all DSL customer
connections. We sell cheap Linksys boxes to customers or they can
upgrade to a SonicWall. We don't use an Integrated modem/router
because most of them are junk.
You won't find a single Windows/Linux/Mac machine directly connected to
our DSL network. I still like PPPoE for customer authentication
because I can place individual packet filters or re-assign users to
different contexts based on username/password authentication.
PPPoE/NAT is a good combination. Couple that with 3 levels of virus
scanning on our mail server has reduced the effects of virus and worm
spread inside the networks we control. We still get viruses & worms to
hit but it is at a more manageable rate. We are not a large provider
by any means but I try my hardest to provide a solid network and
protect the Internet from my users as much as possible. If only the
users would not shop solely on price I would be all set :/
-Matt
> --
> William Leibzon
> Elan Networks
> william at elan.net
>
More information about the NANOG
mailing list