[40449] in North American Network Operators' Group
Re: SP's & network security issues
daemon@ATHENA.MIT.EDU (Jeff Gehlbach)
Thu Aug 9 12:09:58 2001
Date: Thu, 9 Aug 2001 12:07:12 -0400
From: Jeff Gehlbach <jeffg@empire.com>
To: Travis Pugh <tdp@discombobulated.net>
Cc: nanog@merit.edu
Message-ID: <20010809120712.D9940@empire.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <004201c120e4$312ab7c0$0300a8c0@jkfld.clm>; from tdp@discombobulated.net on Thu, Aug 09, 2001 at 11:01:38AM -0400
Errors-To: owner-nanog-outgoing@merit.edu
On Thu, Aug 09, 2001 at 11:01:38AM -0400, Travis Pugh wrote:
> I'd think that a good default stance would be to block all incoming TCP
> connections that aren't part of an established session, for all broadband
> customers. Most of them would never notice, as email and http still work.
Consider things like IRC DCC and (more mainstream) instant messaging
direct connections for file transfers, voice, etc. Limiting this to
privileged ports (<1024) might be more viable.
> Run an abuse department that responds quickly to customers
I thought there was an RFC defining the abuse@ alias as the bit bucket...
;-]
> ... except to say it's nice to see someone trying to wrap their head around
> these issues.
Wholeheartedly agreed.
-jeff
--
Jeff Gehlbach, Concord Communications <jgehlbach@concord.com>
Senior Professional Services Consultant, Atlanta
ph. 678.265.6067 fax 770.384.0183
