On Mon, 9 Sep 2002, Hank Nussbacher wrote:
> Looking for automatic off-the-shelf solution. Not something that requires > a NOC to constantly update a Cisco ACL. Correct me if I'm wrong, but the web (ok, most of it) has been running on TCP port 80 for quite a while now. So if you limit outgoing TCP packets to port 80 (and probably some variations, such as HTTP+SSL) to a few kbps, regardless of their destination, you don't hurt legitimate users except some very rare cases such as HTTP uploads but you make life less fun for spammers.