North American Network Operators Group|
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
Re: Port 25 filters - how many here deploy them bidirectionally?
- From: Patrick W Gilmore
- Date: Sun Jan 09 13:49:04 2005
On Jan 9, 2005, at 12:20 PM, John Levine wrote:
Imagine all those "high speed ISPs" who would never have been burned if
they just followed BCPs and source filtered their customer base.
Especially since broadband ISPs should be able to source filter easier
than anyone, having fewer "issues" like multi-homed customers.
(Ignoring the discuss of whether that is really an issue or not.)
Please consider the situation of net abuse with the source address
being an infected PCs on a dialup pool that has port 25 filtering
[ triangular routing ]
Back when Ernesto Haberli was active, this was his trademark
technique. He'd burn through large numbers of dialup accounts, but
hide the address of his high-speed connection.
At the time he left the business a few years ago it worked pretty well
and I gather he left because he'd run out of high speed ISPs to sign
up with. I'd be interested to know if triangular routing is used by
particular people now, or is it just another trick thrown into the mix
along with zombie proxies and such.
But hey, who wants to actually make the network work better these days