North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: SP's & network security issues

  • From: Jeff Gehlbach
  • Date: Thu Aug 09 12:11:57 2001

On Thu, Aug 09, 2001 at 11:01:38AM -0400, Travis Pugh wrote:

> I'd think that a good default stance would be to block all incoming TCP
> connections that aren't part of an established session, for all broadband
> customers.  Most of them would never notice, as email and http still work.

Consider things like IRC DCC and (more mainstream) instant messaging
direct connections for file transfers, voice, etc.  Limiting this to
privileged ports (<1024) might be more viable.

> Run an abuse department that responds quickly to customers

I thought there was an RFC defining the [email protected] alias as the bit bucket...

> ... except to say it's nice to see someone trying to wrap their head around
> these issues.

Wholeheartedly agreed.

Jeff Gehlbach, Concord Communications <[email protected]>
Senior Professional Services Consultant, Atlanta
ph. 678.265.6067  fax 770.384.0183