nanog mailing list archives
Re: BCP for ISP to block worms at PEs and NAS
From: Kim Onnel <karim.adel () gmail com>
Date: Sun, 17 Apr 2005 20:51:21 +0200
Even if they care, its consuming alot of CPU resources and bandwidth, i had a long quarrel with my teams members on should we do it or not, i understand that if we only provide best effort traffic without any filtering contracted its wrong to do it, but the ACL matches are so big, doing it on the Radius however is one nice other way to do it IMHO, there was once a worm using port 5000 which broke IPSec, and i had to modify it all over the place, same with MSSQL ports, a Centralised configuration is much better, i would like to see these methods documented anywhere (Practices for ISPs to block worms) On 4/17/05, J.D. Falk <jdfalk () cybernothing org> wrote:
On 04/17/05, Randy Bush <randy () psg com> wrote:On my Cisco-based SP network with RPMs in MGX chassis acting as PEs: I have the ACL below applied on many network devices to block the common worms ports,if you are a service provider, perhaps filtering in the core will not be appreciated by some customers. of course, as a provider, you can choose what 'service' you are providing. but, if you filter ports, it is not clear you are providing internet service.In practice, it is nearly certain that your users won't care (or even notice) -- but grumpygeeks will argue about it anyway. -- J.D. Falk As a carpenter bends the seat of a chariot <jdfalk () cybernothing org> I bend this frenzy round my heart.
Current thread:
- BCP for ISP to block worms at PEs and NAS Kim Onnel (Apr 17)
- Re: BCP for ISP to block worms at PEs and NAS Suresh Ramasubramanian (Apr 17)
- Re: BCP for ISP to block worms at PEs and NAS Randy Bush (Apr 17)
- Re: BCP for ISP to block worms at PEs and NAS Christopher L. Morrow (Apr 17)
- Re: BCP for ISP to block worms at PEs and NAS Randy Bush (Apr 17)
- Re: BCP for ISP to block worms at PEs and NAS Christopher L. Morrow (Apr 17)
- Re: BCP for ISP to block worms at PEs and NAS Sean Donelan (Apr 17)
- Re: BCP for ISP to block worms at PEs and NAS Christopher L. Morrow (Apr 17)
- Re: BCP for ISP to block worms at PEs and NAS J.D. Falk (Apr 17)
- Re: BCP for ISP to block worms at PEs and NAS Kim Onnel (Apr 17)
- Re: BCP for ISP to block worms at PEs and NAS Christopher L. Morrow (Apr 17)
- Re: BCP for ISP to block worms at PEs and NAS Randy Bush (Apr 17)
- Re: BCP for ISP to block worms at PEs and NAS Sean Donelan (Apr 17)
- Re: BCP for ISP to block worms at PEs and NAS J.D. Falk (Apr 17)
- Re: BCP for ISP to block worms at PEs and NAS Steven M. Bellovin (Apr 17)
- Re: BCP for ISP to block worms at PEs and NAS John Kristoff (Apr 17)
- Re: BCP for ISP to block worms at PEs and NAS Christopher L. Morrow (Apr 17)