North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: zotob - blocking tcp/445

  • From: Christopher L. Morrow
  • Date: Wed Aug 17 13:36:04 2005

On Wed, 17 Aug 2005, William Warren wrote:

>
> I may be off base here.  Can't an ips look at the traffic; say on 443
> and figure out whether the traffic is malicious or not?  If so then let
> it filter it.  I know IPS's aren't perfect, but, i would prefer this
> router be taken, if available and sensible including network outage or
> DDOS, than a hard block.  A quick block to mitigate and then an IPS rule

and you have an IPS that works on oc-192 SONET links? what about the
coming oc-768?