Security Incidents mailing list archives
RE:Nimda et.al. versus ISP responsibility ---> a few thoughts
From: Kee Hinckley <nazgul () somewhere com>
Date: Thu, 27 Sep 2001 16:33:09 -0400
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 At 11:34 AM -0700 9/27/01, Marc Ducharme wrote:
I also think that ISPs could react to protect their clients when worm spreads. Adding a few lines to their routers to block a worm's profile should not be a big deal.
Blocking ports to/from all machines inside an ISP network is simple. Blocking ports to/from some machines inside an ISP network probably requires new software/hardware. Blocking *content* to/from any machines inside an ISP network is a huge hit on performance and resources. The difference in software/hardware required to route a packet vs. examine the packet is huge. - -- Kee Hinckley - Somewhere.Com, LLC http://consulting.somewhere.com/ nazgul () somewhere com (or ...!alice!nazgul for time travelers :-) I'm not sure which upsets me more: that people are so unwilling to accept responsibility for their own actions, or that they are so eager to regulate everyone else's. -----BEGIN PGP SIGNATURE----- Version: PGP Personal Security 7.0.3 iQA/AwUBO7OOPCZsPfdw+r2CEQLPJgCdHXVo6nXBKr0pPRqHs8ERDJ+8pwQAoOAZ Kz291i2KOfJeQkv8JPZGbmjK =XDFf -----END PGP SIGNATURE----- ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
Current thread:
- RE:Nimda et.al. versus ISP responsibility ---> a few thoughts Marc Ducharme (Sep 27)
- RE:Nimda et.al. versus ISP responsibility ---> a few thoughts Kee Hinckley (Sep 27)
- <Possible follow-ups>
- RE:Nimda et.al. versus ISP responsibility ---> a few thoughts Bill_Royds (Sep 27)
- RE: Nimda et.al. versus ISP responsibility ---> a few thoughts Alejandro Mezcua (Sep 27)