[79893] in North American Network Operators' Group


Re: BCP for ISP to block worms at PEs and NAS

daemon@ATHENA.MIT.EDU (Christopher L. Morrow)
Sun Apr 17 22:22:27 2005

Date: Mon, 18 Apr 2005 02:19:11 +0000 (GMT)
From: "Christopher L. Morrow" <christopher.morrow@mci.com>
In-reply-to: <20050417170501.GB1174@arctic.org>
To: "J.D. Falk" <jdfalk@cybernothing.org>
Cc: Kim Onnel <karim.adel@gmail.com>, nanog@merit.edu
Errors-To: owner-nanog@merit.edu



On Sun, 17 Apr 2005, J.D. Falk wrote:

>
> On 04/17/05, Randy Bush <randy@psg.com> wrote:
>
> > > On my Cisco-based SP network with RPMs in MGX chassis acting as PEs:
> > > I have the ACL below applied on many network devices to block the
> > > common worms ports,
> >
> > if you are a service provider, perhaps filtering in the core will
> > not be appreciated by some customers.  of course, as a provider,
> > you can choose what 'service' you are providing.  but, if you
> > filter ports, it is not clear you are providing internet service.
>
> 	In practice, it is nearly certain that your users won't care (or
> 	even notice) -- but grumpygeeks will argue about it anyway.

interesting... every time we have filtered in the core we've gotten
complaints, I believe many folks filtered/rate-limited in their cores for
welchia/nachia and got bunches of complaints about it as well... Hrm,
maybe all of these folks are just grumpy-geeks?
