nanog mailing list archives
Re: Customer-facing ACLs
From: Dave Pooser <dave.nanog () alfordmedia com>
Date: Fri, 07 Mar 2008 18:49:43 -0600
Might as well do TCP 20, 21 and 23, too. Woah, that slope's getting slippery!
Do bots try brute force attacks on Telnet and FTP? All I see at my firewall are SSH attacks and spam. But sure, if there's a lot of Telnet abuse block 23 too; I think it's used about as rarely by "normal" customers as SSH is. And I'm amazed how often "slippery slope" arguments are deployed to oppose any sort of change at all. What percentage of consumer broadband users do you think use SSH to connect to remote servers? 1%? 0.1%? 0.01%? It seems intuitively obvious that the number of people who will call the help desk to unblock their SSH (which should be a ~2 minute call anyway, if not a self-service Web page with captcha) would be an order of magnitude less than the number of remote network users who WON'T be calling/emailing your abuse desk to complain about bots on your network hammering their servers. -- Dave Pooser, ACSA Manager of Information Services Alford Media http://www.alfordmedia.com
Current thread:
- Re: Customer-facing ACLs, (continued)
- Re: Customer-facing ACLs Mark Tinka (Mar 08)
- Re: Customer-facing ACLs Adrian Chadd (Mar 10)
- Re: Customer-facing ACLs Jo Rhett (Mar 10)
- Re: Customer-facing ACLs Christopher Morrow (Mar 11)
- Re: Customer-facing ACLs Scott Weeks (Mar 07)
- Re: Customer-facing ACLs Justin Shore (Mar 07)
- Re: Customer-facing ACLs Dave Pooser (Mar 07)
- Re: Customer-facing ACLs Joel Jaeggli (Mar 07)
- Re: Customer-facing ACLs Justin Shore (Mar 07)
- Re: Customer-facing ACLs Scott Weeks (Mar 07)
- RE: Customer-facing ACLs Carpenter, Jason (Mar 07)
- Re: Customer-facing ACLs Dave Pooser (Mar 07)
- Re: Customer-facing ACLs Andy Dills (Mar 07)
- Re: Customer-facing ACLs Dave Pooser (Mar 07)
- Re: Customer-facing ACLs Mark Foster (Mar 07)
- RE: Customer-facing ACLs Frank Bulk (Mar 07)
- Re: Customer-facing ACLs Joel Jaeggli (Mar 07)
- RE: Customer-facing ACLs Frank Bulk - iNAME (Mar 08)
- Re: Customer-facing ACLs Justin Shore (Mar 08)
- RE: Customer-facing ACLs Frank Bulk - iNAME (Mar 08)
- Re: Customer-facing ACLs Dave Pooser (Mar 07)
- Re: Customer-facing ACLs Mark Foster (Mar 07)