RE: Nimda et.al. versus ISP responsibility ---> a few thoughts

From: Alejandro Mezcua (amezcua@zaltor.com)
Date: 09/28/01


Subject: RE: Nimda et.al. versus ISP responsibility ---> a few thoughts
Date: Fri, 28 Sep 2001 01:05:14 +0200
Message-ID: <A6CEEB4B100DA74E8EEB92DE0FE1F2F0011835@COPERNICO.madrid.zaltor.com>
From: "Alejandro Mezcua" <amezcua@zaltor.com>

There are also other kind of 'ISPs' like myself who only provide
'application level' services but not connectivity. I do provide web &
e-mail services to my clients, mostly hosting web applications which we
develop + integrated mail, but they get their own connectivity providers
to fit their needs.
 
How should then my connectivity provider filter HTTP traffic for each of
my clients to prevent my wasted bandwidth?
 
I know i filter e-mail messages, should i ask my provider to filter them
for me, for my own customers?
 
You can imagine what they'll tell me...
 
I think you're all seeing the problem from just one perspective but
there are many more situations possible, the 'ISP' market is very
eterogeneous with a lot of different posibilities at present time.

        -----Mensaje original-----
        De: Kee Hinckley
        Enviado el: jueves 27/09/2001 22:33
        Para: Marc Ducharme
        CC: incidents@securityfocus.com
        Asunto: RE:Nimda et.al. versus ISP responsibility ---> a few
thoughts
        
        

        -----BEGIN PGP SIGNED MESSAGE-----
        Hash: SHA1
        
        At 11:34 AM -0700 9/27/01, Marc Ducharme wrote:
>I also think that ISPs could react to protect their clients
when worm
>spreads. Adding a few lines to their routers to block a worm's
profile
>should not be a big deal.
        
        Blocking ports to/from all machines inside an ISP network is
simple.
        Blocking ports to/from some machines inside an ISP network
probably
        requires new software/hardware.
        Blocking *content* to/from any machines inside an ISP network is
a
        huge hit on performance and resources. The difference in
        software/hardware required to route a packet vs. examine the
packet
        is huge.
        - --
        
        Kee Hinckley - Somewhere.Com, LLC
        http://consulting.somewhere.com/
        nazgul@somewhere.com (or ...!alice!nazgul for time travelers :-)
        
        I'm not sure which upsets me more: that people are so unwilling
to accept
        responsibility for their own actions, or that they are so eager
to regulate
        everyone else's.
        
        -----BEGIN PGP SIGNATURE-----
        Version: PGP Personal Security 7.0.3
        
        iQA/AwUBO7OOPCZsPfdw+r2CEQLPJgCdHXVo6nXBKr0pPRqHs8ERDJ+8pwQAoOAZ
        Kz291i2KOfJeQkv8JPZGbmjK
        =XDFf
        -----END PGP SIGNATURE-----
        
        
------------------------------------------------------------------------
----
        This list is provided by the SecurityFocus ARIS analyzer
service.
        For more information on this free incident handling, management
        and tracking system please see: http://aris.securityfocus.com
        
        



Relevant Pages

  • Re: Port 135 Probes Continue
    ... I'm one who also doesn't believe the ISP ... should decide what ports to filter. ... linux intrusions vs. windows intrusions and factor in windows being on ...
    (comp.os.linux.security)
  • Re: Port 135 Probes Continue
    ... I'm one who also doesn't believe the ISP ... should decide what ports to filter. ... linux intrusions vs. windows intrusions and factor in windows being on ...
    (comp.os.linux.security)
  • Re: Port 135 Probes Continue
    ... I'm one who also doesn't believe the ISP ... should decide what ports to filter. ... linux intrusions vs. windows intrusions and factor in windows being on ...
    (comp.security.unix)
  • Re: Port 135 Probes Continue
    ... I'm one who also doesn't believe the ISP ... should decide what ports to filter. ... linux intrusions vs. windows intrusions and factor in windows being on ...
    (comp.security.unix)
  • Re: Port 135 Probes Continue
    ... I'm one who also doesn't believe the ISP ... should decide what ports to filter. ... linux intrusions vs. windows intrusions and factor in windows being on ...
    (comp.security.misc)