Re: [fw-wiz] Botnets, IRC servers and firewalls?

From: Patrick M. Hausen (hausen_at_punkt.de)
Date: 02/05/04

  • Next message: Gadi Evron: "Re: [fw-wiz] Botnets, IRC servers and firewalls?"
    To: "Marcus J. Ranum" <mjr@ranum.com>
    Date: Thu, 5 Feb 2004 09:21:10 +0100 (CET)
    
    

    Mornin'!

    Marcus J. Ranum wrote:

    > >I mean, I'm running an ISP here, so I don't read the log
    > >entries for every blocked packet, but we _do_ monitor
    > >all customer's lines with MRTG and _of_course_ all the
    > >routers are configured to do unicast reverse path verification.
    > >Hasn't brought the backbone to a crawl yet ;-)
    >
    > Whoah - a Networking Guy who Gets It! Hey, cool!

    But ... I'm doing it at the other side of the political
    border!

    For small businesses I'm still guilty of implementing NAT
    gateways that allow "everything out" since these customers
    aren't able to state what they want to allow. "Everything
    should work" - "OK".

    Then I put down my "consultant" hat and put on my
    "ISP technical director" hat and implement
    egress filters on _my_ routers.

    For anything bigger and more security aware than the mentioned small
    businessess we strongly recommend ALG based firewalls anyway - Ooops!
    Egress filtering for free! Magic! ;-)

    Regards,
    Patrick M. Hausen

    -- 
    punkt.de GmbH         Internet - Dienstleistungen - Beratung
    Vorholzstr. 25        Tel. 0721 9109 -0 Fax: -100
    76137 Karlsruhe       http://punkt.de
    _______________________________________________
    firewall-wizards mailing list
    firewall-wizards@honor.icsalabs.com
    http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
    

  • Next message: Gadi Evron: "Re: [fw-wiz] Botnets, IRC servers and firewalls?"

    Relevant Pages