nanog mailing list archives
re: commonly blocked ports (but not on backbones)
From: brett watson <brett () the-watsons org>
Date: Wed, 14 Sep 2005 15:28:20 -0700
seems to me this is the wrong question... a default security "posture" (network or system, isp or enterprise or any type of entity) should be: "if it's not explicitly allowed, it's denied."
apologies, i see the original poster was talking about a *backbone*... my mind was on campus/edge/customer networks. this policy, of course, does not apply to backbones (unless you want an avalanche of customer calls).
-b
Current thread:
- re: commonly blocked ports (but not on backbones) brett watson (Sep 14)