mailing list archives
Re: What do you want your ISP to block today?
From: Rob Thomas <robt () cymru com>
Date: Fri, 29 Aug 2003 22:06:39 -0500 (CDT)
] > He added that ISPs have the view and ability to prevent en-masse
] > attacks. "All these attacks traverse their networks before they reach
] > you and me. If they would simply stop attack traffic that has been
] > identified and accepted as such, we'd all sleep better," Cooper said.
Oh, good gravy! I have a news flash for all of you "security experts"
out there: The Internet is not one, big, coordinated firewall with a
handy GUI, waiting for you to provide the filtering rules. How many
of you "experts" regularly sniff OC-48 and OC-192 backbones for all
those naughty packets? Do you really want ISPs to filter the mother
of all ports-of-pain, TCP 80?
Filter at the *EDGE* folks. You own your own networks; use and manage
them responsibly. If you need assistance, ASK. If you can't take on
the task, purchase bandwidth from providers who sell (yes, CHARGE YOU
MONEY) a filtering service.
ASSERT(coffee != empty);