[71336] in North American Network Operators' Group
Re: "Default" Internet Service (was: Re: Points on your Internet
daemon@ATHENA.MIT.EDU (Christopher L. Morrow)
Sun Jun 13 00:51:26 2004
Date: Sun, 13 Jun 2004 04:50:38 +0000 (GMT)
From: "Christopher L. Morrow" <christopher.morrow@mci.com>
In-reply-to: <p06020408bcf18a2447d3@[192.168.1.101]>
To: John Curran <jcurran@istaff.org>
Cc: nanog@merit.edu
Errors-To: owner-nanog-outgoing@merit.edu
On Sun, 13 Jun 2004, John Curran wrote:
>
> At 4:21 AM +0000 6/13/04, Christopher L. Morrow wrote:
> >
> >We have methods of dealing with these abuse problems today, unfortanately
> >as Paul Vixie often points out there are business reasons why these
> >problems persist. Often the 'business' reason isn't the
> >tin-foil-hat-brigade's reason so much as 'we can't afford to keep these
> >abuse folks around since they don't make money for the company'.
>
> I'll argue that we have don't effective methods of dealing with this today,
> and it's not the lack of abuse desk people as much as the philosophy of
> closing barn doors after the fact. The idea that we can leave everything
> wide open for automated exploit tools, and then clean up afterwards
> manually with labor-intensive efforts is fundamentally flawed.
that was the last part of my post, initial installs and supportable (end
user supportable) security really is the only way. (or that's my thoughts)
