[83464] in North American Network Operators' Group
Re: zotob - blocking tcp/445
daemon@ATHENA.MIT.EDU (Gadi Evron)
Tue Aug 16 00:59:08 2005
Date: Tue, 16 Aug 2005 07:58:01 +0200
From: Gadi Evron <ge@linuxbox.org>
To: "Christopher L. Morrow" <christopher.morrow@mci.com>
Cc: nanog@merit.edu
In-Reply-To: <Pine.GSO.4.58.0508160438040.3650@parapet.argfrp.us.uu.net>
Errors-To: owner-nanog@merit.edu
[snip arguments]
> Do not become the internet firewall for your large customer base... it's
> bad.
>
Okay, so please allow me to alter the argument a bit.
Say we agreed on:
1. Security is THEIR (customers') problem, not yours.
2. You are not the Internet's firewall.
That would mean you would still care about:
1. You being able to provide service.
2. Your own network being secure (?)
In a big outbreak, not for the WHOLE Internet, I'd use whatever I can.
It can easily become an issue of my network staying alive.
Blocking that one port then might be a viable solution to get a handle
on things and calm things down.
Naturally, though, you are right again: it is a case-by-case issue and
cannot be discussed in generalities.
Gadi.