-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 MMorellat_private wrote: > > Now, the question posed is, Should the ISP's be responsible > for policing hosts on their networks. > > The answer is clearly No. This goes against everything the > net stands for. > I think there is a mid-ground wherein all ISPs are responsible for both ingress and egress filtering of all traffic on their network to ensure it is valid traffic (e.g.., making sure that customer A cannot inject traffic into the network with a source IP that doesn't belong to them...nearly eliminating spoofing) but stopping short of scanning payloads of packets. Additionally, ISPs should allow customers to choose filtered connections if they wish. Customers should be able to work with ISPs to create traffic shaping rules as to what is and is not OK on the pipe they are paying for. Of course, individuals should be responsible for their own servers but if they are not, ISPs should be allowed to bill them for the extra bandwidth they're wasting and labor they're causing the ISP to expend to deal with their negligence. > If they refuse to do anything about it or to reply back and I > still see activity. I will either block that host or subnet > if necessary. > But if you block it at your edge router, it still wastes the bandwidth coming to you from your ISP. You should not have to pay for viruses that waste your bandwidth. An ISP should honor requests of its customers to insert egress filters into their edge routers so your router will never see the traffic. = Aaron P. Howard CCNA, RHCE, CNE, MCSE -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (MingW32) - WinPT 0.4.0 Comment: For info see http://www.gnupg.org iD8DBQE7s5aTNntqA0cOAPwRAsCTAJ9QDvXe6ySva5PPReckIUp8R6x5IQCcDxA+ E96hzUt/vSIUHwCRH/azBIE= =aTib -----END PGP SIGNATURE----- ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Thu Sep 27 2001 - 14:21:47 PDT