Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Cisco says attacks are due to operational practices

  • From: Jared Mauch
  • Date: Thu Feb 10 21:43:45 2000

On Thu, Feb 10, 2000 at 06:13:56PM -0800, Chris Cappuccio wrote:
> 
> Filtering incoming our outgoing ports for anybody's network but your own (not
> your customer's) is wrong.  You know specifically what apps you are running.  
> How can you know what your customer is running or what they want to do ?

        Filtering my customers to prevent them from sending me
packets with source ip addresses other than those they have
told me about, or I have assigned to them is not wrong.

> If the customer is aware this is happening or even requests this type of
> firewall service, that's great.  But to filter ports on backbone routers is
> stupid.

	Lets explain it this way:

	If I were operating a telephone network, I would only allow
calls from numbers that I assigned, or my customers ask to be routed
to them.

	Or even this:
	
	If I operate a cellular network, I can choose what the source
number is on their telephone, and if I want to allow it.

	- Jared






Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.