[Dshield] ISP Responsibity...

Craig Webster craig at xeriom.net
Sat Aug 20 15:00:41 GMT 2005


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 20 Aug 2005, at 03:21, Clinton E. Troutman wrote:
> [...]
> Now that doesn't mean that triggers can't be set such that  
> blatantly obvious
> behavior is flagged; mass email, mass IP scan, etc. These things are
> usually out of the boundaries of AUP anyway...
> But, I don't want anyone closing in/outbound ports for me for any  
> reason.

While in most cases I agree that they shouldn't be blocking ports -  
especially not a blanket "these ports are blocked now and forever"  
block - I believe that the ISP should have the option of closing the  
ports for a limited time during extreme worm / storm / etc activity.  
It would help halt the spread and since it is only for a limited time  
it's something that I'd be willing to put up with as long as it was  
handled well. Something similar to closing off a DDoS at the upstream  
- - you don't do it forever, just while there's trouble.

Yours,
Craig
- --
Craig Webster | e: craig at xeriom.net     | $monkey->dance();
Xeriom.NET    | web: http://xeriom.net/ | $monkey->dance();


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (Darwin)

iD8DBQFDB0WZu5vuVozw5tYRAka4AJ98Nd3FaFRmO31LsJ39ZIoQA9WY2ACcDC03
9KkFF3uvrHnMXiopKmSEZ5Q=
=njLG
-----END PGP SIGNATURE-----


More information about the list mailing list