North American Network Operators Group
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
Historical
Re: Schneier: ISPs should bear security burden
- From: Steve Sobol
- Date: Wed Apr 27 21:52:23 2005
Bill Stewart wrote:
You could solve 90% of the problems that you perceive are being caused
by unrestricted
cable modem users by using blocklists to ignore traffic from them.
Which would be great if cable/DSL providers offered some insight into which of
their netblocks should be blocked and which shouldn't, but that generally isn't
the case, so by blocking a certain ip or /24 or whatever, I don't know if I'm
blocking customers whose TOS allows them to run servers, or even perhaps
blocking Internet-facing servers run by the provider.
(Aside from other valid issues mentioned in a reply that apparently hasn't hit
nanog yet)
As somebody who picked a DSL provider specifically because it allows me to
run any kind of server I want
What's rDNS for the ip address(es) assigned to you?
I'm not highly in favor of blocking
traffic from broadband users
and killing the end-to-end principle that makes the Internet work,
I'm not in favor of mindless blocking of entire netblocks that may contain
stuff that should not be blocked, but broadband providers are notorious for
(e.g.) lumping residential customers that can be blocked, with no collateral
damage, in the same netblocks as business customers who need to run Internet
facing servers, and (e.g.) not providing an easy way to differentiate between
the two classes of customer in the first place.
--
JustThe.net - Apple Valley, CA - http://JustThe.net/ - 888.480.4NET (4638)
Steven J. Sobol, Geek In Charge / sjsobol@JustThe.net / PGP: 0xE3AE35ED
"The wisdom of a fool won't set you free"
--New Order, "Bizarre Love Triangle"
|
