Access Lists for Subscriber facing ports?

Shawn L shawnl at
Thu Mar 27 12:44:18 UTC 2014

With all of the new worms / denial of service / exploits, etc. that are
coming out, I'm wondering what others are using for access-lists on
residential subscriber-facing ports.

We've always taken the stance of 'allow unless there is a compelling reason
not to', but with everything that is coming out lately, I'm not sure that's
the correct position any more.


More information about the NANOG mailing list