[27278] in North American Network Operators' Group
Re: Cisco says attacks are due to operational practices
daemon@ATHENA.MIT.EDU (Majdi S. Abbas)
Thu Feb 10 21:32:14 2000
From: "Majdi S. Abbas" <msa@samurai.sfo.dead-dog.com>
Message-Id: <200002110222.SAA02963@samurai.sfo.dead-dog.com>
To: chris@dqc.org (Chris Cappuccio)
Date: Thu, 10 Feb 2000 18:22:43 -0800 (PST)
Cc: jmbrown@ihighway.net (John M. Brown), nanog@merit.edu
In-Reply-To: <Pine.BSO.4.21.0002101812130.2897-100000@dqc.org> from "Chris Cappuccio" at Feb 10, 2000 06:13:56 PM
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Errors-To: owner-nanog-outgoing@merit.edu
> Filtering incoming our outgoing ports for anybody's network but your own (not
> your customer's) is wrong. You know specifically what apps you are running.
> How can you know what your customer is running or what they want to do ?
>
> If the customer is aware this is happening or even requests this type of
> firewall service, that's great. But to filter ports on backbone routers is
> stupid.
In the context of martian filtering, I'd assume he's referring to
daytime/echo/chargen/etc. And filtering those is understandable.
--msa
