[Dshield] Private IP addresses

David Kennedy CISSP david.kennedy at acm.org
Fri Jul 27 17:36:04 GMT 2001


-----BEGIN PGP SIGNED MESSAGE-----

At 03:42 PM 7/27/01 +0200, security at admin.fulgan.com wrote:
>Well, a really well-rounded ISP should:
>
>1/ Properly filter out spoofed packets, both on their gateway and in
>their client first node.
>
>2/ By default filter NetBIOS ports.
>
>3/ Run anti-virus scanners on their mail gateway.
>
>4/ Have someone actually READ the filter logs.
>
>Sadly, I have failed to find ANY ISP that follows more than one of
>these...

It's my experience that ISP's are in the business of passing traffic
at the least cost for the highest profit.  Items 1-3 on this list are
the antithesis of this model.  There is no profit incentive to
spending the time and in some cases money for upgraded hardware for
1&2, the time, hardware and software for #3 and the time for #4. 
Pilot was the only ISP that was ever on my radar screen as providing
secure Internet services.  If you are not aware, Pilot went bankrupt
a couple months ago.

I'm not saying this is a list of bad things, quite the contrary, but
I am saying it is unreasonable to expect ISP's to start doing this
anytime before the sun goes dark or the "benevolent" hand of
government is felt.

If you desire these things, you have spend your own money and put
them up on your own perimeter.

-----BEGIN PGP SIGNATURE-----
Version: PGP Personal Privacy 6.5.8
Comment: hacker=cybercriminal the definition has changed; get over it

iQCVAwUBO2Gmd/GfiIQsciJtAQG42wP/aEVTTutw4BCjUrKPC19bYYs0Kbvpea+3
63Bf2MGaY4fQBj0lRlrFOunY88IDeFI+lZWyqC5tgkZmhOP6ZX36pBzlIH9D96A3
HMOS54v76zSY9UKSCXqQk8vM8B+qj7eM4bU5frO/4qcJocIZ9HtlN17NSx6RVacq
Y7Og4UUktN8=
=FQvq
-----END PGP SIGNATURE-----

-- 
Regards,

David Kennedy CISSP
Director of Research Services, TruSecure Corp. http://www.trusecure.com
Protect what you connect.
Look both ways before crossing the Net.




More information about the list mailing list