Hello!
Marcus J. Ranum wrote:
> [... lots of good stuff ...]
> I can't count the number of times that I convinced a CIO or
> CTO to implement logging and egress filtering, only to find out a
> year later that the whole thing had been shelved because of passive
> resistance from the Network Guys who trotted the usual bullsh*t out
> as soon as the dust settled.
Which still leaves us with the main question: why?
What are their real objectives?
I mean, I'm running an ISP here, so I don't read the log
entries for every blocked packet, but we _do_ monitor
all customer's lines with MRTG and _of_course_ all the
routers are configured to do unicast reverse path verification.
Hasn't brought the backbone to a crawl yet ;-)
Thanks,
Patrick M. Hausen
--
punkt.de GmbH Internet - Dienstleistungen - Beratung
Vorholzstr. 25 Tel. 0721 9109 -0 Fax: -100
76137 Karlsruhe http://punkt.de
_______________________________________________
firewall-wizards mailing list
firewall-wizards_at_honor.icsalabs.com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Received on Feb 04 2004
Intro
