Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

RE: IRC bots...

  • From: Bill Nash
  • Date: Sat Mar 12 20:08:06 2005

On Sat, 12 Mar 2005, Hannigan, Martin wrote:

[ SNIP ]

Who's got time for all that? Chase the controller, shut down
the user until they buy some AV software. We've gone beyond
"I didn't know" for endusers in most regions.
Enterprise IT staff running from whip-cracking security staff, that's who has time for it.

Unless, however, you have no security requirements surrounding your accounting records, network inventory, provisioning tools, and credit card processing services.

Other reasons:
.. if you're providing a premium service to business grade customers who can sum up their connectivity requirements as '80, 443, 25, 53, period.'
..if you're running honeynets.
..if you're providing structured services with explicit controls on what goes on (ala AOL, some .edu networks, etc.)
..you've been singled out by your peers because a significant portion of large DDoS attacks are originating from your network.
..you've been singled out by accounting because of the traffic costs involved with sourcing DDoS attacks.

As popular as instant messenger, and increasingly, voip toys, have become, actual IRC usages represents a diminishing percentage of inter-user chatter. Even something as simple as carving irc usage out of your netflow records and tagging specific endpoints as potential sources is a piece of automation that will save you some time down the road. A decent network inventory would facilitate this.

- billn




Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.