[27279] in North American Network Operators' Group
Re: Cisco says attacks are due to operational practices
daemon@ATHENA.MIT.EDU (Chris Cappuccio)
Thu Feb 10 21:36:36 2000
Date: Thu, 10 Feb 2000 18:24:27 -0800 (PST)
From: Chris Cappuccio <chris@dqc.org>
To: Paul Ferguson <ferguson@cisco.com>
Cc: nanog@merit.edu
In-Reply-To: <4.2.2.20000210212108.00a33190@lint.cisco.com>
Message-ID: <Pine.BSO.4.21.0002101823500.2897-100000@dqc.org>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Errors-To: owner-nanog-outgoing@merit.edu
I wasn't talking about filtering IPs, I'm talking about filtering by port.
I have no problem with IP based filtering ;)
On Thu, 10 Feb 2000, Paul Ferguson wrote:
| At 06:13 PM 02/10/2000 -0800, Chris Cappuccio wrote:
|
| >Filtering incoming our outgoing ports for anybody's network but your own (not
| >your customer's) is wrong. You know specifically what apps you are running.
| >How can you know what your customer is running or what they want to do ?
|
| Excuse me, but can you please tell me what "application" a downstream
| customer might be running which originates packets for traffic with
| source addresses which they are not advertising (or you are advertising
| for them)?
|
| - paul
|
|
---
Gates' Law: Every 18 months, the speed of software halves.
