Hi,

On Wed, 21 Jan 2004 00:44:35 -0500 Pedro Sam <[EMAIL PROTECTED]> wrote:

> I take an opposite viewpoint. ISPs should disable a user's account,
> if that account is found to be launching any malicious attacks,
> regardless of whether that account was intentionally malicious or was
> simply hacked. Drop the bandwidth to 33.6kbps until the owner
> a) disinfects his machine, b) installs a firewall and AV software, and
> c) pays a $50 service charge to support the ISP's security
> infrastructure.
> It's time people own up to the responsibility of a presence on the
> internet.

<rant>

True, though I think blame for the current level of low security can be equally levied against operating system vendors that set customers up to fail by giving them exploitable-straight-out-of-the-box software, ISPs that don't actively help customers secure their systems and take a lax attitude towards incident response and both ingress and egress filtering, and customers who, if locked in an empty room naked with a bowling ball, would manage to lose it, break it, or cut themselves on it.

Should a new customer be granted unfettered access to all ports? How likely is it that a customer legitimately needs to connect to an arbitrary remote system on tcp/901, tcp/1433, tcp/1434, tcp/3306, or tcp/6129? How likely is it that inbound connections to those ports are legitimate (throw in ports 25, 1080, and 3128 for good measure)? Should they get outbound http, https, ssh, ftp, game and p2p network access by default but be required to ask for other ports to be unblocked?

When you buy residential broadband service, should you have the choice of a $200 anti-abuse deposit or $100 for a hardware firewall and your choice of A/V software with unlimited updates through the provider?

There are plenty of options open to the consumer and the provider; most of the problem is the provider's cheapness and lack of creativity.
Hint: you can solve both problems by firing those idiot Stanford MBAs you hired from failed dot-coms and take the money you save to hire some abuse staff and install a good IDS.

</rant>

-- Bob

_______________________________________________
Spamassassin-talk mailing list
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk