[105437] in North American Network Operators' Group
RE: Cloud service [was: RE: EC2 and GAE means end of ip
daemon@ATHENA.MIT.EDU (Frank Bulk)
Mon Jun 23 16:24:57 2008
From: "Frank Bulk" <frnkblk@iname.com>
To: "'Joel Jaeggli'" <joelja@bogus.com>, <frnkblk@iname.com>
In-Reply-To: <485FF755.9030605@bogus.com>
Date: Mon, 23 Jun 2008 15:24:41 -0500
Cc: nanog@merit.edu
Reply-To: frnkblk@iname.com
Errors-To: nanog-bounces@nanog.org

Thanks. Even with TLS, the destination port (either 25 or 365) is
well-known, right, as is the source IP? At the minimum RBLs could be used
for that encrypted traffic.

Frank

-----Original Message-----
From: Joel Jaeggli [mailto:joelja@bogus.com]
Sent: Monday, June 23, 2008 2:20 PM
To: frnkblk@iname.com
Cc: nanog@merit.edu
Subject: Re: Cloud service [was: RE: EC2 and GAE means end of ip address
reputation industry? (Re: Intrustion attempts from Amazon EC2 IPs)]
<snip>
DPI boxes from a number of vendors can do that sort of thing... whether
they can do it fast enough to be inline with your compute cloud is
another question entirely.

That said, the result is fairly perilous when rejecting a message
involves forging packets. And of course TLS-supporting MTAs will be
opaque to the network traffic inspecting device.
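
Added example, not part of the original messages: a sketch of the RBL check suggested in the reply above, which needs only flow metadata (source IP and destination port) and so still works when the SMTP session is TLS-encrypted. The zone name `dnsbl.example`, the flow-record fields, the `MAIL_PORTS` set and the sample addresses are assumptions constructed for illustration; the resolver is injectable so the sample runs offline.

```python
import ipaddress
import socket

# Assumption: ports an operator treats as mail (SMTP, implicit-TLS submission, submission).
MAIL_PORTS = {25, 465, 587}
LISTED_NET = ipaddress.ip_network("127.0.0.0/8")  # DNSBL "listed" answers live here

def dnsbl_qname(ip, zone):
    """Build the DNSBL query name: reversed octets (IPv4) or reversed nibbles (IPv6)."""
    addr = ipaddress.ip_address(ip)
    if addr.version == 4:
        labels = str(addr).split(".")
    else:
        labels = list(addr.exploded.replace(":", ""))
    return ".".join(reversed(labels)) + "." + zone

def system_resolver(qname):
    """Real A-record lookup; returns None when the name does not resolve (not listed)."""
    try:
        return socket.gethostbyname(qname)
    except socket.gaierror:
        return None

def classify_flow(flow, zone, resolve=system_resolver):
    """Decide from flow metadata alone: 'ignore', 'allow' or 'listed'."""
    if flow["dport"] not in MAIL_PORTS:
        return "ignore"
    answer = resolve(dnsbl_qname(flow["src"], zone))
    # An answer outside 127.0.0.0/8 (e.g. a wildcarding resolver) is not a listing.
    if answer is not None and ipaddress.ip_address(answer) in LISTED_NET:
        return "listed"
    return "allow"

# Constructed sample data: documentation addresses and a hypothetical zone.
ZONE = "dnsbl.example"
FAKE_ANSWERS = {
    "10.2.0.192.dnsbl.example": "127.0.0.2",   # listed
    "5.113.0.203.dnsbl.example": "192.0.2.1",  # bogus non-127 answer
}
FLOWS = [
    {"src": "192.0.2.10", "dport": 25},
    {"src": "198.51.100.7", "dport": 465},
    {"src": "203.0.113.5", "dport": 25},
    {"src": "192.0.2.10", "dport": 443},
]

if __name__ == "__main__":
    for f in FLOWS:
        print(f["src"], f["dport"], classify_flow(f, ZONE, FAKE_ANSWERS.get))
```

Calling `classify_flow` without the third argument uses the system resolver against whatever zone is passed in.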