North American Network Operators Group


Re: Customer-facing ACLs

  • From: Adrian Chadd
  • Date: Sat Mar 08 03:24:15 2008

On Sat, Mar 08, 2008, Mark Foster wrote:
> To me, at least half the users likely to be running either Linux or Mac 
> are going to be the same users who're going to request they be allowed 
> outbound SSH.... is the blocking of outbound SSH considered to be 
> sufficiently useful that we're advocating it these days?
> 
> (Aren't we all just moving SSH to non-standard ports within our 
> networks anyway?)

.. I'm surprised botnets aren't big enough right now to do surreptitious port
scans of machines (there's 'only' 64k ports nowadays!) over timeframes measured
in weeks, from arbitrary bots (i.e., not a single IP) to get a scanning footprint
to later submit in the "crack" queue.

Makes me think about Google, to be honest.

Who has more machines, botnets, or Google? :)




Adrian