nanog mailing list archives
Re: NOC Automation / Best Practices
From: Owen DeLong <owen () delong com>
Date: Wed, 8 Sep 2010 13:45:13 -0700
On Sep 8, 2010, at 9:59 AM, Martin Hotze wrote:
-----Original Message----- Date: Wed, 08 Sep 2010 08:54:20 -0700 From: Charles N Wyble <charles () knownelement com> Subject: NOC Automation / Best Practices To: nanog () nanog org NOGGERS, (...) The way I see it, an ounce of prevention is worth a pound of cure. Along those lines, I'm putting in some mitigation techniques are as follows (hopefully this will reduce the number of incidents and therefore calls to the abuse desk). I would appreciate any feedback folks can give me. A) Force any outbound mail through my SMTP server with AV/spam filtering. B) Force HTTP traffic through a SQUID proxy with SNORT/ClamAV running (several other WISPs are doing this with fairly substantial bandwidth savings. However I realize that many sites aren't cache friendly. Anyone know of a good way to check for that? Look at HTTP headers?). Do the bandwidth savings/security checking outweigh the increased support calls due to "broken" web sites? C) Force DNS to go through my server. I hope to reduce DNS hijacking attacks this way. Thanks!For either A, B or C you won't get my business, let alone a combination of all 3. *wah!* There is too much FORCE here. :-) #m
+1 Owen
Current thread:
- NOC Automation / Best Practices Charles N Wyble (Sep 08)
- Re: NOC Automation / Best Practices Dobbins, Roland (Sep 08)
- <Possible follow-ups>
- RE: NOC Automation / Best Practices Martin Hotze (Sep 08)
- Re: NOC Automation / Best Practices Jared Mauch (Sep 08)
- Re: NOC Automation / Best Practices khatfield (Sep 08)
- RE: NOC Automation / Best Practices Nathan Eisenberg (Sep 08)
- Re: NOC Automation / Best Practices Owen DeLong (Sep 08)