[Dshield] Private IP addresses

David Kennedy CISSP david.kennedy at acm.org
Fri Jul 27 17:36:04 GMT 2001


At 03:42 PM 7/27/01 +0200, security at admin.fulgan.com wrote:
>Well, a really well-rounded ISP should:
>1/ Properly filter out spoofed packets, both on their gateway and in
>their client first node.
>2/ By default filter NetBIOS ports.
>3/ Run anti-virus scanners on their mail gateway.
>4/ Have someone actually READ the filter logs.
>Sadly, I have failed to find ANY ISP that follows more than one of

It's my experience that ISP's are in the business of passing traffic
at the least cost for the highest profit.  Items 1-3 on this list are
the antithesis of this model.  There is no profit incentive to
spending the time and in some cases money for upgraded hardware for
1&2, the time, hardware and software for #3 and the time for #4. 
Pilot was the only ISP that was ever on my radar screen as providing
secure Internet services.  If you are not aware, Pilot went bankrupt
a couple months ago.

I'm not saying this is a list of bad things, quite the contrary, but
I am saying it is unreasonable to expect ISP's to start doing this
anytime before the sun goes dark or the "benevolent" hand of
government is felt.

If you desire these things, you have spend your own money and put
them up on your own perimeter.

Version: PGP Personal Privacy 6.5.8
Comment: hacker=cybercriminal the definition has changed; get over it



David Kennedy CISSP
Director of Research Services, TruSecure Corp. http://www.trusecure.com
Protect what you connect.
Look both ways before crossing the Net.

More information about the list mailing list