nanog mailing list archives

Re: Block all servers?

From: "Adam Selene" <nospam () vguild com>
Date: Sat, 11 Oct 2003 11:03:25 -0600

NAT is more expensive to produce, so it should be an optional 
premium service, and that seems to be more and more the case.


Not necessarily when you consider the cost (in bandwidth,
network reliability and support staff) imposed by worms and kiddies
from other networks scanning your IP space for unsecured machines.

That's not even to mention the cost imposed by compromised systems.
Even if NAT only reduces compromised systems by 20%, that's a
cost savings.

Given that most edge hardware supports NAT, the additional cost
is nominal.

Getting IP space allocation is not without cost either.

    Adam

PS. Is this off-topic for NANOG? If so, I apologize. Given my networks
are repeatedly the victim of distributed DoS attacks from compromised
machines on other networks, it seemed relevant to me.

Current thread:

Re: Block all servers?, (continued)
- - - Re: Block all servers? Crist Clark (Oct 14)
    - Re: Block all servers? Steven M. Bellovin (Oct 14)
    - Re: Block all servers? Alex Yuriev (Oct 11)
    - Re: Block all servers? Steven M. Bellovin (Oct 11)
    - Re: Block all servers? ken emery (Oct 11)
    - RE: Block all servers? Terry Baranski (Oct 11)
    - Re: Block all servers? Petri Helenius (Oct 12)
    - Re: Block all servers? Majdi S. Abbas (Oct 10)
    - Re: Block all servers? Adam Selene (Oct 11)
    - Re: Block all servers? Petri Helenius (Oct 11)
    - Re: Block all servers? Adam Selene (Oct 11)
    - Re: Block all servers? Petri Helenius (Oct 11)
    - Re: Block all servers? Petri Helenius (Oct 10)
    - RE: Block all servers? Christopher Bird (Oct 11)
    - Re: Block all servers? jlewis (Oct 11)
- Fw: Re: Block all servers? Fred Heutte (Oct 14)
  - Re: Fw: Re: Block all servers? Chris Brenton (Oct 15)
    - Re: Fw: Re: Block all servers? Crist Clark (Oct 15)