Security Incidents mailing list archives

Re: A question for the list...


From: Steve Barnet <barnet () chem wisc edu>
Date: Wed, 21 May 2003 16:53:05 -0500


 We're talking about (a pound of) cure, how about (an ounce of)
prevention?

  There seems to be consensus that (lack of) competence is part of the
problem.. If ISP's would/could take on more responsibility, the need for
hack-back would be greatly reduced, making discussion if it's nice or
not futile, so maybe the following is even on topic ;-)

[snip]

  I am aware that most ISP's are operating within tight budgets, I am
less aware of the impact of such a scheme on costs. 

Very nasty: N customers x M ports. Customer changes admins and becomes 
incompetent. Customer adds a platform and becomes incompetent. Customer 
adds an admin and becomes competent. ...

It won't scale at all well.
 

  One benefit for the ISP would be a reduced load on abuse@.. A benefit
for the customer would be reduced maintenance and clean-up costs. The
benefits for the community are obvious.

  What do you think ?

This sounds good in principle, but I think it would ultimately 
prove ineffective. There are the very obvious problems of 
determining competence (suppose the ISP is not competent) and 
resolving issues that are more social and organizational (and 
hence ultimately political).

However, even assuming all of the hairy judgment issues could be 
worked out, this would create a cost incentive to simply start 
tunneling every protocol through port 80 (or one arbitrary port). 
Given people's propensity to install arbitrary software from 
random anonymous sources:

From: support () microsoft com
Subject: Leet0 pr0xy 4 U
See my file!
-----Attachment
naughty.pif

I doubt it would take long to reconstruct the existing problem.

And given the history with egress filtering which also has 
obvious benefits for the community ...

Best,

---Steve





