[Dshield] Idea for dealing with ISPs that ignore abusenotificatons was...

Mark markt442 at yahoo.com
Tue Aug 29 00:45:51 GMT 2006


Leo wrote:

Kenneth,
 
While the idea of only allowing "approved" IP's to
communicate with you network sounds great,  what do
you do with the remainder who try to reach out and
touch your network.  What if they require access and
are
restricted.  In security, we follow the methodology of
"concept of least privilege" right?  Would this be to
restrictive only to allow approved IP's? 
Additionally,  how would one get on an approved list?

While I like the topic, I think the whole industry
would have to change in regards how it deals with
SPAM.  What about freedom of speech?  Your essentially
filtering it!  While I hate SPAM like the rest,  I'm
personally interested in brainstorming further on the
subject.

Lastly,  I agree with leading the industry and helping
to set new trends.  This has my eye!

Leo A. Dregier III 

Leo,

How about "Policy-Based Routing" of services? 

Instead of "block" - reroute the traffic to another
server running Squidgaurd and serve them a "portal" to
request access.

All of your "domestic" customers would sail thru your
ACL and go to your primary server, IP addresses that
are sourced outside your "region of business" would
happen upon your "secondary server".

There are services out there that attempt to map an IP
address to a Location for providing customer service,
data mining your visitors etc. Your actual mileage may
vary - so do your research. You may be able to use
such a list to better tune your ACLs.

Note on perception of "market reach". Valdis noted
that a Virginia car dealership may not sell beyond
their current market. I personally know a few
dealerships that specialize in a particular vehicle
and sell cars "globally". Customers in over 100
countries global. Mom and Pop are starting to wake up
to the global market and in running services that are
not properly managed and become part of the bigger
problem.

Have fun - play safe.

-Mark

__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com 


More information about the list mailing list