Security Incidents mailing list archives

RE: Nimda et.al. versus ISP responsibility ---> a few thoughts

From: "Alejandro Mezcua" <amezcua () zaltor com>
Date: Fri, 28 Sep 2001 01:05:14 +0200

There are also other kind of 'ISPs' like myself who only provide
'application level' services but not connectivity. I do provide web &
e-mail services to my clients, mostly hosting web applications which we
develop + integrated mail, but they get their own connectivity providers
to fit their needs.
 
How should then my connectivity provider filter HTTP traffic for each of
my clients to prevent my wasted bandwidth?
 
I know i filter e-mail messages, should i ask my provider to filter them
for me, for my own customers?
 
You can imagine what they'll tell me...
 
I think you're all seeing the problem from just one perspective but
there are many more situations possible, the 'ISP' market is very
eterogeneous with a lot of different posibilities at present time.

        -----Mensaje original----- 
        De: Kee Hinckley 
        Enviado el: jueves 27/09/2001 22:33 
        Para: Marc Ducharme 
        CC: incidents () securityfocus com 
        Asunto: RE:Nimda et.al. versus ISP responsibility ---> a few
thoughts
        
        

        -----BEGIN PGP SIGNED MESSAGE-----
        Hash: SHA1
        
        At 11:34 AM -0700 9/27/01, Marc Ducharme wrote:
        >I also think that ISPs could react to protect their clients
when worm
        >spreads. Adding a few lines to their routers to block a worm's
profile
        >should not be a big deal.
        
        Blocking ports to/from all machines inside an ISP network is
simple.
        Blocking ports to/from some machines inside an ISP network
probably
        requires new software/hardware.
        Blocking *content* to/from any machines inside an ISP network is
a
        huge hit on performance and resources.  The difference in
        software/hardware required to route a packet vs. examine the
packet
        is huge.
        - --
        
        Kee Hinckley - Somewhere.Com, LLC
        http://consulting.somewhere.com/
        nazgul () somewhere com (or ...!alice!nazgul for time travelers :-)
        
        I'm not sure which upsets me more: that people are so unwilling
to accept
        responsibility for their own actions, or that they are so eager
to regulate
        everyone else's.
        
        -----BEGIN PGP SIGNATURE-----
        Version: PGP Personal Security 7.0.3
        
        iQA/AwUBO7OOPCZsPfdw+r2CEQLPJgCdHXVo6nXBKr0pPRqHs8ERDJ+8pwQAoOAZ
        Kz291i2KOfJeQkv8JPZGbmjK
        =XDFf
        -----END PGP SIGNATURE-----
        
        
------------------------------------------------------------------------
----
        This list is provided by the SecurityFocus ARIS analyzer
service.
        For more information on this free incident handling, management
        and tracking system please see: http://aris.securityfocus.com

Current thread:

RE:Nimda et.al. versus ISP responsibility ---> a few thoughts Marc Ducharme (Sep 27)
- RE:Nimda et.al. versus ISP responsibility ---> a few thoughts Kee Hinckley (Sep 27)
- <Possible follow-ups>
- RE:Nimda et.al. versus ISP responsibility ---> a few thoughts Bill_Royds (Sep 27)
- RE: Nimda et.al. versus ISP responsibility ---> a few thoughts Alejandro Mezcua (Sep 27)