[79857] in North American Network Operators' Group
Re: BCP for ISP to block worms at PEs and NAS
daemon@ATHENA.MIT.EDU (Randy Bush)
Sun Apr 17 12:04:18 2005
From: Randy Bush <randy@psg.com>
Date: Sun, 17 Apr 2005 06:01:55 -1000
To: Kim Onnel <karim.adel@gmail.com>
Cc: nanog@merit.edu
Errors-To: owner-nanog@merit.edu
> On my Cisco-based SP network with RPMs in MGX chassis acting as PEs:
> I have the ACL below applied on many network devices to block the
> common worms ports,
if you are a service provider, perhaps filtering in the core will
not be appreciated by some customers. of course, as a provider,
you can choose what 'service' you are providing. but, if you
filter ports, it is not clear you are providing internet service.
randy
