North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: ISPs' willingness to take action

  • From: kenw
  • Date: Mon Oct 27 11:08:11 2003

On Mon, 27 Oct 2003 10:25:36 -0500 (EST), you wrote:

>...
>As a non-ISP consultant, when a client asks you to configure their
>Exchange server do you always conduct a top-to-bottom security analysis of
>the client's entire business infrastructure and refuse to do business with
>them until after they have corrected every deficiency?  Or does the client
>just say screw you, and hires a different consultant that will do what
>the client wants?
>...

I said "low hanging fruit".  I didn't say "top-to-bottom security
analysis".

>...
>> 3) There was a thread a little while ago that talked about a way to cut
>> down spam by simply restricting who you would accept SMTP traffic from.
>> Unfortunately, I don't recall the details, but at the time it struck me as
>> eminently sensible, and just required cooperation between ISPs to implement
>> effectively.

Does NOBODY remember that thread?  

>Again, look the postal mail system.  One proposal required everyone mail
>letters in person at the post office, and show id to the postal clerk.

Straw dogs... come on!  It's like saying we can't take drastic,
inappropriate measures, so we can't take any at all.

>...
>ISPs are doing a lot to protect end-users.  Some examples include
>
>Education campaigns
>Free anti-virus software
>Free personal firewall software
>Port filters (port 80 anyone?)
>Notification of compromised systems
>Incident Response
>Intrusion Detection/Intrusion Prevention
>Managed Security Services

And if all ISPs were doing all these thing (as you try to imply) we'd all
be a lot better off, wouldn't we?

>Unfortunately some of the argument is a bit like the old cries for public
>payphone companies were responsible for the drug dealers in poor
>neighborhoods.  So they removed public payphones.  The drug dealing
>problem wasn't solved.

"A strong conviction that something must be done is the parent
of many bad measures." -- Daniel Webster 

So, am I advocating bad measures?

/kenw
Ken Wallewein CDP,CNE,MCSE,CCA,CCNA
K&M Systems Integration
Phone (403)274-7848
Fax   (403)275-4535
[email protected]
www.kmsi.net