Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Port blocking last resort in fight against virus

  • From: Stephen J. Wilcox
  • Date: Wed Aug 13 05:16:37 2003

On Wed, 13 Aug 2003, Mans Nilsson wrote:

> Subject: Re: Port blocking last resort in fight against virus Date: Wed, Aug 13, 2003 at 09:57:56AM +0100 Quoting Stephen J. Wilcox (steve@telecomplete.co.uk):
>  
> > Sorry I see where you're coming from on this but firewalls are more than just 
> > patches to broken OS's. 
> > 
> > In your world DoS traffic would be free to roam the networks as it pleased 
> > without being throttled sensibly at ingress?
> 
> Providing one makes people responsible for what their boxes (not
> aggregates of networks) cause, and enforces this, there will be no
> DoS traffic; given a perfect world.

What if the people running the boxes are irresponsible, perhaps even harboring 
malicious intent

> Even in an imperfect world, the solution lies in the edge, not even
> the CPE, but the end node, if you want to do more than pathetic
> bandaiding of the inherent problem of insecure applications on end
> nodes.

I dont have control of all end nodes but I do control my edge.

Steve





Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.