Re: [fw-wiz] Botnets, IRC servers and firewalls?
From: Patrick M. Hausen (hausen_at_punkt.de)
To: "Marcus J. Ranum" <email@example.com>
Date: Thu, 5 Feb 2004 09:21:10 +0100 (CET)
Marcus J. Ranum wrote:
> >I mean, I'm running an ISP here, so I don't read the log
> >entries for every blocked packet, but we _do_ monitor
> >all customers' lines with MRTG and _of_course_ all the
> >routers are configured to do unicast reverse path verification.
> >Hasn't brought the backbone to a crawl yet ;-)
> Whoah - a Networking Guy who Gets It! Hey, cool!
But ... I'm doing it at the other side of the political
For small businesses I'm still guilty of implementing NAT
gateways that allow "everything out" since these customers
aren't able to state what they want to allow. "Everything
should work" - "OK".
Then I put down my "consultant" hat and put on my
"ISP technical director" hat and implement
egress filters on _my_ routers.
For anything bigger and more security aware than the mentioned small
businesses we strongly recommend ALG based firewalls anyway - Ooops!
Egress filtering for free! Magic! ;-)
Patrick M. Hausen
--
punkt.de GmbH         Internet - Dienstleistungen - Beratung
Vorholzstr. 25        Tel. 0721 9109 -0 Fax: -100
76137 Karlsruhe       http://punkt.de
_______________________________________________
firewall-wizards mailing list
firstname.lastname@example.org
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards