nanog mailing list archives
Re: Customer-facing ACLs
From: Chris Marlatt <cmarlatt () rxsec com>
Date: Mon, 10 Mar 2008 10:10:23 -0400
Dave Pooser wrote:
Do bots try brute force attacks on Telnet and FTP? All I see at my firewall are SSH attacks and spam. But sure, if there's a lot of Telnet abuse block 23 too; I think it's used about as rarely by "normal" customers as SSH is.
Depending on the ip space I find FTP brute force attacks 10 times more common than SSH attacks. There really isn't a blanket rule you can impose.
On a different note, unless you clearly advertise that you're offering filtered services I don't really find the practice ethical - and no a tiny line in the TOS doesn't really cut it IMHO.
That doesn't mean it can't be done, simply spin the imposed ACL as a value-add and that your customers are now on a "safer internet".
Regards,
Chris
Current thread:
- Re: NANOG laptops (was Re: Customer-facing ACLs), (continued)
- Re: NANOG laptops (was Re: Customer-facing ACLs) Randy Bush (Mar 09)
- Re: NANOG laptops (was Re: Customer-facing ACLs) Bill Woodcock (Mar 09)
- Re: NANOG laptops (was Re: Customer-facing ACLs) Al Iverson (Mar 09)
- Re: NANOG laptops (was Re: Customer-facing ACLs) Marshall Eubanks (Mar 09)
- Re: NANOG laptops (was Re: Customer-facing ACLs) William Allen Simpson (Mar 09)
- Re: NANOG laptops (was Re: Customer-facing ACLs) Mark Prior (Mar 10)
- Re: NANOG laptops (was Re: Customer-facing ACLs) Bill Woodcock (Mar 09)
- Re: Customer-facing ACLs Justin Shore (Mar 09)
- Re: Customer-facing ACLs Adrian Chadd (Mar 08)
- Re: Customer-facing ACLs Justin Shore (Mar 08)
- Re: Customer-facing ACLs Chris Marlatt (Mar 10)
- Re: Customer-facing ACLs Adrian Chadd (Mar 10)
- Re: Customer-facing ACLs Justin Shore (Mar 10)
- Re: Customer-facing ACLs Marshall Eubanks (Mar 18)
- Re: Customer-facing ACLs Jon Lewis (Mar 18)
- Re: Customer-facing ACLs Adrian Chadd (Mar 18)
- Re: Customer-facing ACLs Justin Shore (Mar 07)
- Re: Customer-facing ACLs Adrian Chadd (Mar 07)