30-01-05

ISP's protecting the networks enough ?

The discussion in the security community and the policy circles about the role that ISP's play in securing the network is going fullswing. Some ISP's are taking some actions and they all are very differentiated. At the Internet Storm center, the middle opinion in the center of a heated debate is interesting to start with
 

One model that I like is from one telecom company in Brazil. For the home adsl user, they block ingress traffic to some well known problematic ports, like ´hack-me´ 137-139, 445, and some service ports like 80, 1434, 1433,etc...according this company it reduced a lot the impact of some worms. They are now thinking about egress traffic, like for port 445. This is a good solution because the ingress block would prevent some worms from reaching the machine and the egress filter would prevent their infected users from scanning and infecting other network(s).

Corporate adsl users with static IP address are far more difficult and I dont believe that any filtering rules would work with them. They ´bought´ a link, and they must have access to all kind of traffic. Of course, if that traffic doesn't violate an AUP (Acceptable Use Policy).

http://isc.sans.org/diary.php?date=2005-01-25


01:11 Gepost door technology changes fast not a lot | Permalink | Commentaren (0) |  Facebook |

De commentaren zijn gesloten.