nanog mailing list archives
Re: Cisco says attacks are due to operational practices
From: Jared Mauch <jared () puck Nether net>
Date: Thu, 10 Feb 2000 21:22:40 -0500
On Thu, Feb 10, 2000 at 06:13:56PM -0800, Chris Cappuccio wrote:
Filtering incoming our outgoing ports for anybody's network but your own (not your customer's) is wrong. You know specifically what apps you are running. How can you know what your customer is running or what they want to do ?
Filtering my customers to prevent them from sending me packets with source ip addresses other than those they have told me about, or I have assigned to them is not wrong.
If the customer is aware this is happening or even requests this type of firewall service, that's great. But to filter ports on backbone routers is stupid.
Lets explain it this way: If I were operating a telephone network, I would only allow calls from numbers that I assigned, or my customers ask to be routed to them. Or even this: If I operate a cellular network, I can choose what the source number is on their telephone, and if I want to allow it. - Jared
Current thread:
- Cisco says attacks are due to operational practices Sean Donelan (Feb 10)
- Re: Cisco says attacks are due to operational practices Tom Beeson (Feb 10)
- Re: Cisco says attacks are due to operational practices John M. Brown (Feb 10)
- Re: Cisco says attacks are due to operational practices Chris Cappuccio (Feb 10)
- Re: Cisco says attacks are due to operational practices John M. Brown (Feb 10)
- Re: Cisco says attacks are due to operational practices Majdi S. Abbas (Feb 10)
- Re: Cisco says attacks are due to operational practices Jared Mauch (Feb 10)
- Re: Cisco says attacks are due to operational practices Paul Ferguson (Feb 10)
- Re: Cisco says attacks are due to operational practices Chris Cappuccio (Feb 10)
- Re: Cisco says attacks are due to operational practices Paul Ferguson (Feb 10)
- Re: Cisco says attacks are due to operational practices Chris Cappuccio (Feb 10)
- Re: Cisco says attacks are due to operational practices John M. Brown (Feb 10)
- Re: Cisco says attacks are due to operational practices Bora Akyol (Feb 11)
- Re: Cisco says attacks are due to operational practices adrian (Feb 11)
- Re: Cisco says attacks are due to operational practices Adam McKenna (Feb 11)
- Re: Cisco says attacks are due to operational practices Stephen Sprunk (Feb 11)
- Re: Cisco says attacks are due to operational practices John M. Brown (Feb 10)
- Re: Cisco says attacks are due to operational practices Tom Beeson (Feb 10)
- Re: Cisco says attacks are due to operational practices Paul Ferguson (Feb 11)