Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: SQL Slammer - lessons learned

From: "David Howe" <DaveHowe () cmn sharp-uk co uk>
Date: Fri, 7 Feb 2003 17:56:30 -0000
at Friday, February 07, 2003 2:38 PM, Niels Bakker
<niels=netsys () bakker net> was seen to say:

I'm not sure why this issue keeps getting rehashed.  It's been well
established that a policy of denying all that isn't needed is prudent.
Also, it's been established that it's not up to connectivity providers
to force their ideas of proper filters on everyone.

For that matter - we all grew up long enough ago to be able to lock our
own front doors - not rely on someone else to pre-emptively brick
sections up on the offchance that we left that door open accidentally.
One thing I *would* like to see more is ISP willingness to let us
control the filter at *their* side of the pipe; by the time it has
bounced off my firewall it has already used up bandwidth I pay for.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Previous By Date Next
Previous By Thread Next

Current thread: