nanog mailing list archives
Re: SP's & network security issues
From: Jeff Gehlbach <jeffg () empire com>
Date: Thu, 9 Aug 2001 12:07:12 -0400
On Thu, Aug 09, 2001 at 11:01:38AM -0400, Travis Pugh wrote:
I'd think that a good default stance would be to block all incoming TCP connections that aren't part of an established session, for all broadband customers. Most of them would never notice, as email and http still work.
Consider things like IRC DCC and (more mainstream) instant messaging direct connections for file transfers, voice, etc. Limiting this to privileged ports (<1024) might be more viable.
Run an abuse department that responds quickly to customers
I thought there was an RFC defining the abuse@ alias as the bit bucket... ;-]
... except to say it's nice to see someone trying to wrap their head around these issues.
Wholeheartedly agreed. -jeff -- Jeff Gehlbach, Concord Communications <jgehlbach () concord com> Senior Professional Services Consultant, Atlanta ph. 678.265.6067 fax 770.384.0183
Current thread:
- SP's & network security issues Christian Kuhtz (Aug 08)
- Re: SP's & network security issues (partII) Christian Kuhtz (Aug 08)
- Re: SP's & network security issues (partII) Gary E. Miller (Aug 08)
- Re: SP's & network security issues (partII) Christopher A. Woodfield (Aug 09)
- Re: SP's & network security issues Mitch Halmu (Aug 09)
- Re: SP's & network security issues Christian Kuhtz (Aug 09)
- Re: SP's & network security issues Mitch Halmu (Aug 09)
- Re: SP's & network security issues Christian Kuhtz (Aug 09)
- Re: SP's & network security issues Etaoin Shrdlu (Aug 11)
- <Possible follow-ups>
- Re: SP's & network security issues Travis Pugh (Aug 09)
- Re: SP's & network security issues Etaoin Shrdlu (Aug 09)
- Re: SP's & network security issues Jeff Gehlbach (Aug 09)
- Message not available
- Re: SP's & network security issues Travis Pugh (Aug 09)
- Re: SP's & network security issues (partII) Christian Kuhtz (Aug 08)