Re: Customer-facing ACLs

North American Network Operators Group

Re: Customer-facing ACLs

From: Chris Marlatt
Date: Mon Mar 10 10:20:45 2008

Dave Pooser wrote:


Do bots try brute force attacks on Telnet and FTP? All I see at my firewall
are SSH attacks and spam. But sure, if there's a lot of Telnet abuse block
23 too; I think it's used about as rarely by "normal" customers as SSH is.

Depending on the ip space I find FTP brute force attacks 10 times more common than SSH attacks. There really isn't a blanket rule you can impose.

On a different note, unless you clearly advertise that you're offering filtered services I don't really find the practice ethical - and no a tiny line in the TOS doesn't really cut it IMHO.

That doesn't mean it can't be done, simply spin the imposed ACL as a value-add and that your customers are now on a "safer internet".

Regards,

Chris

Follow-Ups:
- Re: Customer-facing ACLs Adrian Chadd

References:
- Re: Customer-facing ACLs Dave Pooser

Prev by Date: Re: Tools to measure TCP connection speed
Next by Date: Re: Customer-facing ACLs
Date Index
Thread Index
Author Index
Historical