On Sat, 7 Apr 2007 20:41:19 -0500 (CDT)
Robert Bonomi <[EMAIL PROTECTED]> wrote:
BLUNT QUESTIONS: *WHO* pays me to figure out 'which parts' of a
provider's
network are riddled with problems and 'which parts' are _not_? *WHO* pays
me to do the research to find out where the end-user boundaries are? *WHY*
should _I_ have to do that work -- If the 'upstream provider' is incapable
of
keeping _their_own_house_ clean, why should I spend the time trying to
figure
out which of their customers are 'bad guys' and which are not?
A provider *IS* responsible for the 'customers it _keeps_'.
And, unfortunately, a customer is 'tarred by the brush' of the reputation
of it's provider.
Um, with that reasoning, why not just block the whole /0 and
be done with it?
Seriously, I used to share your frustration and would block large
swaths of the Internet for rather minor offenses. I finally realized
this practice didn't help. Why not get yourself some sort of intrusion
detection/prevention system or fully firewall your hosts. If you have
a spam problem, get an e-mail security appliance which uses reputation
filtering to reject connections?
matthew black
california state university, long beach
