nanog mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Port blocking last resort in fight against virus

From: "Christopher L. Morrow" <chris () UU NET>
Date: Wed, 13 Aug 2003 16:08:56 +0000 (GMT)



On Wed, 13 Aug 2003, Jack Bates wrote:


Christopher L. Morrow wrote:


This is the point, atleast I, have been trying to make for 2 years... end
systems, or as close to that as possible, need to police themselves, the
granularity and filtering capabilities (content filtering even) are
available at that level alone.


I agree with you Chris, but I also believe that temp filters do have a
role, even at backbones. One of my peers appears to be helping out my


the problem is, at the backbone level, its a very large hammer... and
often the peg is round while the hole is square :(



Honestly, it would be nice to offer different classes of service,
allowing user's that are semi-protected and user's that are free and
clear. The issue with doing so is dealing with the liability of


this is called 'managed firewall service' and some ISP's do a good
business with it, some even advertise their service and market it too! :)
There are some sticky points with managed firewall services that still
need ironing out (on a per-provider basis atleast) but its a great start,
and the filtering is done at the 'right' place, near the end node...
Previous By Date Next
Previous By Thread Next

Current thread: