North American Network Operators Group|
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
Re: Cisco says attacks are due to operational practices
- From: Jared Mauch
- Date: Thu Feb 10 21:43:45 2000
On Thu, Feb 10, 2000 at 06:13:56PM -0800, Chris Cappuccio wrote:
> Filtering incoming our outgoing ports for anybody's network but your own (not
> your customer's) is wrong. You know specifically what apps you are running.
> How can you know what your customer is running or what they want to do ?
Filtering my customers to prevent them from sending me
packets with source ip addresses other than those they have
told me about, or I have assigned to them is not wrong.
> If the customer is aware this is happening or even requests this type of
> firewall service, that's great. But to filter ports on backbone routers is
Lets explain it this way:
If I were operating a telephone network, I would only allow
calls from numbers that I assigned, or my customers ask to be routed
Or even this:
If I operate a cellular network, I can choose what the source
number is on their telephone, and if I want to allow it.