North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: M$SQL cleanup incentives
Thus spake <[email protected]> > If your network is able to contain slammer infected boxes without > melting down, who cares if you have a few infected customers? You > don't need to filter, and they'll all be encouraged to fix their systems > sooner. As one hoster put it to me, DoS and worm traffic is billable so it's not in the hoster's interests to protect customers -- quite the opposite in fact. > I don't believe we'll have to filter 1434/udp forever, but I plan to leave > the filters in place until we no longer need them or until they hurt more > than they help. What will you do when a similar worm appears on 53/udp or some other heavily-used port? We lucked out with Sapphire because MS/SQL is generally safe to block on public networks, but its speed can be easily applied to other protocols we can't afford to block. S Stephen Sprunk "God does not play dice." --Albert Einstein CCIE #3723 "God is an inveterate gambler, and He throws the K5SSS dice at every possible opportunity." --Stephen Hawking
|