Firewall Wizards mailing list archives
Re: Botnets, IRC servers and firewalls?
From: "Marcus J. Ranum" <mjr () ranum com>
Date: Wed, 04 Feb 2004 12:35:46 -0500
Patrick M. Hausen wrote:
Which still leaves us with the main question: why? What are their real objectives?
I don't *KNOW*!!!! I wish I did - anyone on the list care to comment? If I had to guess, I'd guess that it's simply a reflexive effort to remove hassles. We can safely assume that adding filtering will cause political hassles, technical hassles, and will increase the chance of the 3:00am emergency ops pager going off. After all, if you don't have filtering in place, you'll never have problems with your filters. :) And, if a worm screws your company, it's the platform guys who get whacked, not the network guys - after all, the network keeps working, right? So I suspect that ingress and egress filtering are really something that networkers try to immediately deflect with an SEP field (Someone Else's Problem)
I mean, I'm running an ISP here, so I don't read the log entries for every blocked packet, but we _do_ monitor all customer's lines with MRTG and _of_course_ all the routers are configured to do unicast reverse path verification. Hasn't brought the backbone to a crawl yet ;-)
Whoah - a Networking Guy who Gets It! Hey, cool! mjr. _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Re: Botnets, IRC servers and firewalls?, (continued)
- Message not available
- Re: Botnets, IRC servers and firewalls? Marcus J. Ranum (Feb 04)
- Re: Botnets, IRC servers and firewalls? Mark Tinberg (Feb 05)
- Re: Botnets, IRC servers and firewalls? Paul Robertson (Feb 03)
- Re: Botnets, IRC servers and firewalls? Abe Singer (Feb 03)
- Re: Botnets, IRC servers and firewalls? Jeremiah Cornelius (Feb 03)
- Re: Botnets, IRC servers and firewalls? Abe Singer (Feb 03)
- Re: Botnets, IRC servers and firewalls? Marcus J. Ranum (Feb 04)
- Re: Botnets, IRC servers and firewalls? Patrick M. Hausen (Feb 04)
- Re: Botnets, IRC servers and firewalls? Marcus J. Ranum (Feb 04)
- Re: Botnets, IRC servers and firewalls? Chris Blask (Feb 04)
- Re: Botnets, IRC servers and firewalls? Patrick M. Hausen (Feb 05)
- Re: Botnets, IRC servers and firewalls? mlh (Feb 04)
- Re: Botnets, IRC servers and firewalls? Gadi Evron (Feb 05)
- Re: Botnets, IRC servers and firewalls? Paul Robertson (Feb 05)
- Re: Botnets, IRC servers and firewalls? Gadi Evron (Feb 05)
- Re: Botnets, IRC servers and firewalls? Paul Robertson (Feb 05)
- Re: Botnets, IRC servers and firewalls? Gadi Evron (Feb 05)