North American Network Operators Group
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Abuse procedures... Reality Checks

  • From: Matthew Black
  • Date: Sat Apr 07 23:58:48 2007 

On Sat, 7 Apr 2007 20:41:19 -0500 (CDT)
 Robert Bonomi <[email protected]> wrote:
BLUNT QUESTIONS: *WHO* pays me to figure out 'which parts' of a provider's
network are riddled with problems and 'which parts' are _not_? *WHO* pays
me to do the research to find out where the end-user boundaries are? *WHY*
should _I_ have to do that work -- If the 'upstream provider' is incapable of
keeping _their_own_house_ clean, why should I spend the time trying to figure
out which of their customers are 'bad guys' and which are not?

A provider *IS* responsible for the 'customers it _keeps_'.

And, unfortunately, a customer is 'tarred by the brush' of the reputation
of it's provider.



Um, with that reasoning, why not just block the whole /0 and
be done with it?

Seriously, I used to share your frustration and would block large
swaths of the Internet for rather minor offenses. I finally realized
this practice didn't help. Why not get yourself some sort of intrusion
detection/prevention system or fully firewall your hosts. If you have
a spam problem, get an e-mail security appliance which uses reputation
filtering to reject connections?

matthew black
california state university, long beach