[178186] in North American Network Operators' Group
RE: Re: Intrusion Detection recommendations
daemon@ATHENA.MIT.EDU (Darden, Patrick)
Thu Feb 19 09:07:41 2015
X-Original-To: nanog@nanog.org
From: "Darden, Patrick" <Patrick.Darden@p66.com>
To: Rich Kulawiec <rsk@gsp.org>, "nanog@nanog.org" <nanog@nanog.org>
Date: Thu, 19 Feb 2015 14:07:18 +0000
In-Reply-To: <20150214222905.GA12330@gsp.org>
Errors-To: nanog-bounces@nanog.org
+10
The original SANS DDOS task force, and many others since, have emphasized t=
his. Filter your Outbound! Bogons for obvious reasons, BGP3 to keep routi=
ng multipliers, non-internals to keep from being used as an amplifier netwo=
rk, the list goes on. Be a good network neighbor.
--p
-----Original Message-----
From: NANOG [mailto:nanog-bounces@nanog.org] On Behalf Of Rich Kulawiec
Sent: Saturday, February 14, 2015 4:29 PM
To: nanog@nanog.org
Subject: [EXTERNAL]Re: Intrusion Detection recommendations
.
.
.
This reminds me to bring up a point that can't be stressed enough:
it's just as important to block *outbound* traffic as inbound. Ask Anthem.=
Or Target. Or the ghosts of the Trojans. ;)
.
.
.
.
