Re: hybrid approaches (Re: "Default" Internet Service)

North American Network Operators Group

Re: hybrid approaches (Re: "Default" Internet Service)

From: Matthew Sullivan
Date: Mon Jun 14 23:53:45 2004

Edward B. Dreger wrote:

Apologies for forking yet another thread from one which I myself
have been largely ignoring. AFAICT, though, most posts have
shown little interest in combining different approaches:

* Provide a "default" sandbox.

* Allow unrestricted access -- perhaps after a quiz, perhaps when
a user activates a form.

* Let IDS trigger sandbox mode.

* Provide IDS-triggered-sandbox override for those who agree in
writing to <blah>.

* Anyone in the IDS-proof class who spews filth deserves to be
fined.

* Use different IP ranges for different service classes. Flag in
rwhois, a special RRTYPE, or whatever suits one's fancy. (This
assumes that providers could agree on a standard.)

Perhaps no one tactic fixes everything. Fine. I readily admit
that the above combination isn't a miracle cure. But is there a
moderate chance for improvement? I think so.

*applause*

Whilst I may not communicate it sometimes - this sums up all my thoughts on the matter quite neatly, you have my whole hearted support.

/ Mat

References:
- hybrid approaches (Re: "Default" Internet Service) Edward B. Dreger

Prev by Date: Re: DDoS mitigation with BGP communities
Next by Date: Re: DDoS mitigation with BGP communities
Date Index
Thread Index
Author Index
Historical