mailing list archives
Re: Port blocking last resort in fight against virus
From: "Stephen J. Wilcox" <steve () telecomplete co uk>
Date: Wed, 13 Aug 2003 10:14:22 +0100 (BST)
On Wed, 13 Aug 2003, Mans Nilsson wrote:
Subject: Re: Port blocking last resort in fight against virus Date: Wed, Aug 13, 2003 at 09:57:56AM +0100 Quoting
Stephen J. Wilcox (steve () telecomplete co uk):
Sorry I see where you're coming from on this but firewalls are more than just
patches to broken OS's.
In your world DoS traffic would be free to roam the networks as it pleased
without being throttled sensibly at ingress?
Providing one makes people responsible for what their boxes (not
aggregates of networks) cause, and enforces this, there will be no
DoS traffic; given a perfect world.
What if the people running the boxes are irresponsible, perhaps even harboring
Even in an imperfect world, the solution lies in the edge, not even
the CPE, but the end node, if you want to do more than pathetic
bandaiding of the inherent problem of insecure applications on end
I dont have control of all end nodes but I do control my edge.
Re: Port blocking last resort in fight against virus Mans Nilsson (Aug 12)