[Dshield] Idea for dealing with ISPs that ignore abusenotificatons was...
markt442 at yahoo.com
Tue Aug 29 00:45:51 GMT 2006
While the idea of only allowing "approved" IP's to
communicate with you network sounds great, what do
you do with the remainder who try to reach out and
touch your network. What if they require access and
restricted. In security, we follow the methodology of
"concept of least privilege" right? Would this be to
restrictive only to allow approved IP's?
Additionally, how would one get on an approved list?
While I like the topic, I think the whole industry
would have to change in regards how it deals with
SPAM. What about freedom of speech? Your essentially
filtering it! While I hate SPAM like the rest, I'm
personally interested in brainstorming further on the
Lastly, I agree with leading the industry and helping
to set new trends. This has my eye!
Leo A. Dregier III
How about "Policy-Based Routing" of services?
Instead of "block" - reroute the traffic to another
server running Squidgaurd and serve them a "portal" to
All of your "domestic" customers would sail thru your
ACL and go to your primary server, IP addresses that
are sourced outside your "region of business" would
happen upon your "secondary server".
There are services out there that attempt to map an IP
address to a Location for providing customer service,
data mining your visitors etc. Your actual mileage may
vary - so do your research. You may be able to use
such a list to better tune your ACLs.
Note on perception of "market reach". Valdis noted
that a Virginia car dealership may not sell beyond
their current market. I personally know a few
dealerships that specialize in a particular vehicle
and sell cars "globally". Customers in over 100
countries global. Mom and Pop are starting to wake up
to the global market and in running services that are
not properly managed and become part of the bigger
Have fun - play safe.
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
More information about the list