nanog mailing list archives
Re: Schneier: ISPs should bear security burden
From: Steve Sobol <sjsobol () JustThe net>
Date: Wed, 27 Apr 2005 18:48:19 -0700
Bill Stewart wrote:
You could solve 90% of the problems that you perceive are being caused by unrestricted cable modem users by using blocklists to ignore traffic from them.
Which would be great if cable/DSL providers offered some insight into which of their netblocks should be blocked and which shouldn't, but that generally isn't the case, so by blocking a certain ip or /24 or whatever, I don't know if I'm blocking customers whose TOS allows them to run servers, or even perhaps blocking Internet-facing servers run by the provider.
(Aside from other valid issues mentioned in a reply that apparently hasn't hit nanog yet)
As somebody who picked a DSL provider specifically because it allows me to run any kind of server I want
What's rDNS for the ip address(es) assigned to you?
I'm not highly in favor of blocking traffic from broadband users and killing the end-to-end principle that makes the Internet work,
I'm not in favor of mindless blocking of entire netblocks that may contain stuff that should not be blocked, but broadband providers are notorious for (e.g.) lumping residential customers that can be blocked, with no collateral damage, in the same netblocks as business customers who need to run Internet facing servers, and (e.g.) not providing an easy way to differentiate between the two classes of customer in the first place.
-- JustThe.net - Apple Valley, CA - http://JustThe.net/ - 888.480.4NET (4638) Steven J. Sobol, Geek In Charge / sjsobol () JustThe net / PGP: 0xE3AE35ED "The wisdom of a fool won't set you free" --New Order, "Bizarre Love Triangle"
Current thread:
- Schneier: ISPs should bear security burden Fergie (Paul Ferguson) (Apr 26)
- Re: Schneier: ISPs should bear security burden Suresh Ramasubramanian (Apr 26)
- Re: Schneier: ISPs should bear security burden Owen DeLong (Apr 26)
- Re: Schneier: ISPs should bear security burden Steve Sobol (Apr 27)
- Re: Schneier: ISPs should bear security burden Steven M. Bellovin (Apr 27)
- Re: Schneier: ISPs should bear security burden Bill Stewart (Apr 27)
- Re: Schneier: ISPs should bear security burden Steve Sobol (Apr 27)
- Re: Schneier: ISPs should bear security burden Owen DeLong (Apr 27)
- Re: Schneier: ISPs should bear security burden Steven J. Sobol (Apr 27)
- Re: Schneier: ISPs should bear security burden Owen DeLong (Apr 27)
- Re: Schneier: ISPs should bear security burden Mark Newton (Apr 27)
- Re: Schneier: ISPs should bear security burden Steve Sobol (Apr 28)
- Re: Schneier: ISPs should bear security burden Steven Champeon (Apr 29)
- Re: Schneier: ISPs should bear security burden Valdis . Kletnieks (Apr 28)
- Re: Schneier: ISPs should bear security burden Steven Champeon (Apr 29)
- Re: Schneier: ISPs should bear security burden Suresh Ramasubramanian (Apr 29)
- Re: Schneier: ISPs should bear security burden Steven Champeon (Apr 29)
- Re: Schneier: ISPs should bear security burden Owen DeLong (Apr 26)
- Re: Schneier: ISPs should bear security burden Suresh Ramasubramanian (Apr 26)