North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: BCP for ISP to block worms at PEs and NAS

  • From: Christopher L. Morrow
  • Date: Sun Apr 17 22:23:32 2005


On Sun, 17 Apr 2005, J.D. Falk wrote:

>
> On 04/17/05, Randy Bush <randy@psg.com> wrote:
>
> > > On my Cisco-based SP network with RPMs in MGX chassis acting as PEs:
> > > I have the ACL below applied on many network devices to block the
> > > common worms ports,
> >
> > if you are a service provider, perhaps filtering in the core will
> > not be appreciated by some customers.  of course, as a provider,
> > you can choose what 'service' you are providing.  but, if you
> > filter ports, it is not clear you are providing internet service.
>
> 	In practice, it is nearly certain that your users won't care (or
> 	even notice) -- but grumpygeeks will argue about it anyway.

interesting... everytime we have filtered in the core we've gotten
complaints, I believe many folks filtered/rate-limited in their cores for
welchia/nachia and got bunches of complaints about it as well... Hrm,
maybe all of these folks are just grumpy-geeks?