Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: M$SQL cleanup incentives

  • From: Stephen Sprunk
  • Date: Sat Feb 22 16:51:36 2003

Thus spake <jlewis@lewis.org>
> If your network is able to contain slammer infected boxes without
> melting down, who cares if you have a few infected customers?  You
> don't need to filter, and they'll all be encouraged to fix their systems
> sooner.

As one hoster put it to me, DoS and worm traffic is billable so it's not in
the hoster's interests to protect customers -- quite the opposite in fact.

> I don't believe we'll have to filter 1434/udp forever, but I plan to leave
> the filters in place until we no longer need them or until they hurt more
> than they help.

What will you do when a similar worm appears on 53/udp or some other
heavily-used port?  We lucked out with Sapphire because MS/SQL is generally
safe to block on public networks, but its speed can be easily applied to
other protocols we can't afford to block.

S

Stephen Sprunk         "God does not play dice."  --Albert Einstein
CCIE #3723         "God is an inveterate gambler, and He throws the
K5SSS        dice at every possible opportunity." --Stephen Hawking





Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.