North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Wired mag article on spammers playing traceroute games with trojaned boxes

  • From: Joe Abley
  • Date: Thu Oct 09 14:00:34 2003

On 9 Oct 2003, at 12:19, Vinny Abello wrote:

Personally, I think preventing residential broadband customers from hosting servers would limit a lot of that. I'm not saying that IS the solution. Whether or not that's the right thing to do in all circumstances for each ISP is a long standing debate that surfaces here from time to time. Same as allowing people to host mail servers on cable modems or even allowing them to access mail servers other than the ISP's.
"Hosting a server" looks very similar to "using an ftp client in active mode", "playing games over the network" or "using a SIP phone" to the network. Enumerating all permissible "servers" and denying all prohibited ones arguably requires an unreasonable shift of intelligence into the network. Allowing inbound connections by default and blocking specific types of traffic reactively has been demonstrated not to be an adequate solution, I think.

A more aggressive policy of blocking all inbound connections (and analogues using connectionless protocols) essentially denies direct access between edge devices, which implies quite an architectural shift.

I think it's more complicated than "prevent residential users from hosting servers".