North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Customer-facing ACLs

  • From: Dave Pooser
  • Date: Fri Mar 07 19:52:49 2008

> Might as well do TCP 20, 21 and 23, too.  Woah, that slope's getting slippery!

Do bots try brute force attacks on Telnet and FTP? All I see at my firewall
are SSH attacks and spam. But sure, if there's a lot of Telnet abuse block
23 too; I think it's used about as rarely by "normal" customers as SSH is.

And I'm amazed how often "slippery slope" arguments are deployed to oppose
any sort of change at all. What percentage of consumer broadband users do
you think use SSH to connect to remote servers? 1%? 0.1%? 0.01%? It seems
intuitively obvious that the number of people who will call the help desk to
unblock their SSH (which should be a ~2 minute call anyway, if not a
self-service Web page with captcha) would be an order of magnitude less than
the number of remote network users who WON'T be calling/emailing your abuse
desk to complain about bots on your network hammering their servers.
Dave Pooser, ACSA
Manager of Information Services
Alford Media