Home page logo

nanog logo nanog mailing list archives

Re: Tier1 blackholing policy?
From: "Dobbins, Roland" <rdobbins () arbor net>
Date: Tue, 30 Apr 2013 15:17:32 +0000

On Apr 30, 2013, at 10:07 PM, Chris Boyd wrote:

3 - Deliver all packets unless I've signed up for an enhanced security offering?

Even if said packets from an obviously compromised server on a high-speed link are attack packets causing problems for 
the ISP itself as well as for its customers?  

Trust me, large transit ISPs don't *want* to be in the blackholing business.  They only do so when they're forced into 
it by necessity (operational, legal, regulatory).

Also note that in the case of the server(s) you can't access, they may well be on shared hosting with thousands of 
sites/accounts on a single IP, one or more of which may be compromised.

Roland Dobbins <rdobbins () arbor net> // <http://www.arbornetworks.com>

          Luck is the residue of opportunity and design.

                       -- John Milton

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]