nanog mailing list archives
Re: Security of National Infrastructure
From: Mark Foster <blakjak () blakjak net>
Date: Sat, 30 Dec 2006 12:10:14 +1300 (NZDT)
On Fri, 29 Dec 2006, Peter Corlett wrote:
Why is it that every company out there allows connections through their firewalls to their web and mail infrastructure from countries that they don't even do business in. Shouldn't it be our default to only allow US based IP addresses and then allow others as needed? The only case I can think of would be traveling folks that need to VPN or something, which could be permitted in the Firewall, but WHY WIDE OPEN ACCESS? We still seem to be in the wild west, but no-one has the b@lls to be braven and block the unnecessary access.I assume you want this: http://geekculture.com/joyoftech/joyarchives/446.htmlMost "unnecessary access" I see seems to be coming from US-based IP addresses anyway. A Great Firewall Of USA would certainly reduce the amount of spam I get :)
Hear Hear!It'd be amazing how much easier my mail handling life would be if I could blindly drop *.comcast.net without worrying about collateral damage.
(Some years ago I had to ring an ISP in the US - and i'm in NZ - and ask them by _phone_ why they appeared to be filtering connections from here to their web server, despite the fact we were one of their customers. Turns out that they had inbound filters applied to 202/8. Whoopsie?)
Mark. (Its the Internet, not the USofA-net. Damnit!)
Current thread:
- Security of National Infrastructure The Shadow (Dec 29)
- Re: Security of National Infrastructure Randy Bush (Dec 29)
- Re: Security of National Infrastructure Jerry Pasker (Dec 29)
- Re: Security of National Infrastructure Petri Helenius (Dec 29)
- Re: Security of National Infrastructure Chris L. Morrow (Dec 29)
- Re: Security of National Infrastructure Alexander Harrowell (Dec 30)
- Re: Security of National Infrastructure Jerry Pasker (Dec 29)
- Re: Security of National Infrastructure Joseph S D Yao (Dec 29)
- Re: Security of National Infrastructure Kevin Day (Dec 29)
- Re: Security of National Infrastructure Peter Corlett (Dec 29)
- Re: Security of National Infrastructure Mark Foster (Dec 29)
- <Possible follow-ups>
- Re: Security of National Infrastructure Scott Weeks (Dec 29)
- Re: Security of National Infrastructure Randy Bush (Dec 29)