Schneier: ISPs should bear security burden
Owen DeLong
owen at delong.com
Thu Apr 28 04:55:11 UTC 2005
>
> What's rDNS for the ip address(es) assigned to you?
>
I don't know about him, but, on my ADSL connection, it is controlled
by my nameservers:
;; ANSWER SECTION:
10.159.192.in-addr.arpa. 86400 IN NS ns.rop.edu.
10.159.192.in-addr.arpa. 86400 IN NS ns.delong.sj.ca.us.
>
>> I'm not highly in favor of blocking
>> traffic from broadband users
>> and killing the end-to-end principle that makes the Internet work,
>
> I'm not in favor of mindless blocking of entire netblocks that may
> contain stuff that should not be blocked, but broadband providers are
> notorious for (e.g.) lumping residential customers that can be blocked,
> with no collateral damage, in the same netblocks as business customers
> who need to run Internet facing servers, and (e.g.) not providing an easy
> way to differentiate between the two classes of customer in the first
> place.
Who are you to decide that there is no damage to blocking residential
customers? I'm a residential customer, but, I have a number of
servers running, and, a port 25 block would be very destructive to
the operation of my mailserver. Why should an ISP decide what a residential
customer can or can't do with their internet connection. (This is not
an advocation for abandoning TOS or allowing abuse. I am talking about
within the confines of legitimate internet use, such as hosting a web
site (or even several), running nameservers, mail server(s), etc.)
Owen
--
If this message was not signed with gpg key 0FE2AA3D, it's probably
a forgery.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 186 bytes
Desc: not available
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20050427/800e1d41/attachment.sig>
More information about the NANOG
mailing list