[Dshield] ISP Responsibity...
craig at xeriom.net
Sat Aug 20 15:00:41 GMT 2005
-----BEGIN PGP SIGNED MESSAGE-----
On 20 Aug 2005, at 03:21, Clinton E. Troutman wrote:
> Now that doesn't mean that triggers can't be set such that
> blatantly obvious
> behavior is flagged; mass email, mass IP scan, etc. These things are
> usually out of the boundaries of AUP anyway...
> But, I don't want anyone closing in/outbound ports for me for any
While in most cases I agree that they shouldn't be blocking ports -
especially not a blanket "these ports are blocked now and forever"
block - I believe that the ISP should have the option of closing the
ports for a limited time during extreme worm / storm / etc activity.
It would help halt the spread and since it is only for a limited time
it's something that I'd be willing to put up with as long as it was
handled well. Something similar to closing off a DDoS at the upstream
- - you don't do it forever, just while there's trouble.
Craig Webster | e: craig at xeriom.net | $monkey->dance();
Xeriom.NET | web: http://xeriom.net/ | $monkey->dance();
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (Darwin)
-----END PGP SIGNATURE-----
More information about the list