Home page logo

nanog logo nanog mailing list archives

Re: What do you want your ISP to block today?
From: Iljitsch van Beijnum <iljitsch () muada com>
Date: Sat, 30 Aug 2003 08:33:54 +0200

On zaterdag, aug 30, 2003, at 05:42 Europe/Amsterdam, Sean Donelan wrote:

If you don't want to download patches from Microsoft, and don't want to
pay McAfee, Symantec, etc for anti-virus software; should ISPs start
charging people clean up fees when their computers get infected?

Only if it impacts the ISP, which it doesn't most of the time unless they buy an unfortunate brand of dial-up concentrators.

Would you pay an extra $50/Mb a month for your ISP to operate a firewall
and scan your traffic for you?

No way. They have no business even looking at my traffic, let alone filtering it.

What would be great though is a system where there is an automatic check to see if there is any return traffic for what a customer sends out. If someone keeps sending traffic to the same destination without anything coming back, 99% chance that this is a denial of service attack. If someone sends traffic to very many destinations and in more than 50 or 75 % of the cases nothing comes back or just an ICMP port unreachable or TCP RST, 99% chance that this is a scan of some sort.

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]