[Dshield] should ISPs close ports (was: Windows Messenger Popup
jeff-kell at utc.edu
Tue Jun 24 01:43:48 GMT 2003
A slight variation on the theme... clearly an ISP should not be doing
any filtering on their own initiative. To do so would not be providing
full internet access, as others have pointed out.
However, what about filtering by mutual consent?
Obviously an ISP cannot tailor ACLs for each cable or DSL customer, but
they could provide some "pre-packaged" filtering by choice.
As a university, we are getting large enough to be considered at least a
small ISP. Our ingress (and egress) filters are quite considerable, and
a growing percentage of traffic is chewed away by the filters. It would
be nice to have the ingress filter on the other end of the pipe - saving
us the bandwidth it takes to transmit junk that will be blocked anyway.
The "noise level" (packets blocked at ingress) has been steadily growing
as long as the internet has, perhaps growing faster than the net itself
eventually (if not already).
More information about the list