[Dshield] Why???

John Hardin johnh at aproposretail.com
Wed Oct 2 23:28:42 GMT 2002


On Wed, 2002-10-02 at 14:20, John Draper wrote:
> 
> Also,  I wouldn't expect most ISP's to "firewall" your connection. 
> Firewalling should ALWAYS be a local issue.

Not necessarily. RFC1918 nets should be blocked on all ISP boundaries,
for example, as should the loopback netblock, and appropriate ingress-
and egress-control rules should be in place.

-- 
John Hardin                                   <johnh at aproposretail.com>
Internal Systems Administrator                    voice: (425) 672-1304
Apropos Retail Management Systems, Inc.             fax: (425) 672-0192
-----------------------------------------------------------------------
 ...people confuse "security" and "Trustworthy Computing."
                                 - Craig Mundie, MS Senior VP and CTO
-----------------------------------------------------------------------
 77 days until The Two Towers




More information about the list mailing list