Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Cisco says attacks are due to operational practices

  • From: Vijay Gill
  • Date: Thu Feb 10 22:07:42 2000

On Thu, 10 Feb 2000, Paul Ferguson wrote:

> 
> At 06:13 PM 02/10/2000 -0800, Chris Cappuccio wrote:
> 
> >Filtering incoming our outgoing ports for anybody's network but your own (not
> >your customer's) is wrong.  You know specifically what apps you are running.
> >How can you know what your customer is running or what they want to do ?
> 
> Excuse me, but can you please tell me what "application" a downstream
> customer might be running which originates packets for traffic with
> source addresses which they are not advertising (or you are advertising
> for them)?

Trivial.  I've seen several companies with two or more upstreams that are
statically routed by their upstreams with a their respective blocks but
default out.

One might argue this is bad, but engineering is all about compromises and
the real world and this happens in the real world. A lot.

/vijay







Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.