nanog mailing list archives
Re: Automatic shutdown of infected network connections
From: Nathan E Norman <nnorman () incanus net>
Date: Wed, 3 Sep 2003 07:20:28 -0500
On Wed, Sep 03, 2003 at 07:39:17AM -0500, Matthew S. Hallacy wrote:
On Tue, Sep 02, 2003 at 09:59:51AM -0500, Jonathan Crockett wrote:I work for a cable modem provider. What we came up with is a modem config that allows http, pop, and smtp while cutting the allowed bandwidth to 56k upstream and 56k downstrem. This way they can still get the needed updates, but are not able to blast our network. Secondary effect is that customer will call in an complain about slow speeds, then our techs can tell them why, they are slow and inform them how to fix the problem.Why in the world would you do that? the DOCSIS specification allows for filtering rules at the CPE, which means you could simply block icmp echo and ports 135-139+445 directly at their home network, causing no load whatsoever on your network, _and_ no more infected boxes (even at 56k).
The modem _is_ the CPE. There's no load on the network; just CPU on the modem. "modem config" != "CMTS config".
Besides, have you ever tried updating an XP system at 56k? It could literally take days.
You may have a point there. -- Nathan Norman - Incanus Networking mailto:nnorman () incanus net Perilous to all of us are the devices of an art deeper than we ourselves possess. -- Gandalf the Grey
Current thread:
- Re: Automatic shutdown of infected network connections Jonathan Crockett (Sep 02)
- Re: Automatic shutdown of infected network connections Matthew S. Hallacy (Sep 03)
- Re: Automatic shutdown of infected network connections Nathan E Norman (Sep 03)
- Re: Automatic shutdown of infected network connections Matthew S. Hallacy (Sep 03)
- Re: Automatic shutdown of infected network connections Nathan E Norman (Sep 03)
- Re: Automatic shutdown of infected network connections Matthew S. Hallacy (Sep 03)
- Re: Automatic shutdown of infected network connections Nathan E Norman (Sep 03)
- Message not available
- Re: Automatic shutdown of infected network connections Nathan E Norman (Sep 03)
- Re: Automatic shutdown of infected network connections Matthew S. Hallacy (Sep 03)
- Re: Automatic shutdown of infected network connections Mike Tancsa (Sep 03)
- Re: Automatic shutdown of infected network connections Roland Perry (Sep 03)