North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical RE: How should ISPs notify customers about Bots (Was Re: DNS Hijacking by Cox)
On Mon, 23 Jul 2007 [email protected] wrote: > > > Running email abuse desks for about a decade now makes me > > tend to agree with you .. and completely unfiltered pipes to > > the internet for customer broadband are a pipe dream, most places. > > If ISPs were able to standardize consumer Internet access services using > a gateway box, then the necessary filtering could be done on the gateway > which runs a secure OS. Of course its not too late to do this. > Essentially all the consumer edge infrastructure needs to be upgraded to > transition to IPv6. Rather than providing raw unfiltered Internet access > over IPv6, ISPs could use a standard gateway box. would you like that in black plastic? with a nice dial on top to spin? :) > > When I say "standardize", I mean that ISPs could collectively work out > the specs for such an IPv6 Internet gateway in the IETF along with > vendors and other interested parties. Once a standard spec is agreed > upon, vendors will make such boxes at the price-point that you need. I think that was discussed in v6ops actually just 5 mins ago. > > I would also expect that I can buy such a box and manage it myself if I > choose, rather than having the ISP manage it for me as with most users. > but it connects to my network, and if you touch it you could damage my network... we could maybe get some legislation to fix this... > I would also expect the box to have no NAT, use real IPv6 addresses, and > provide various firewall features to protect my home network better than > an IPv4 NAT box without preventing me from using new peer-to-peer > protocols like SIP. See the v6ops draft on CPE security... maybe that's a step in the right direction? I'm sure the author would like some commentary.
|