On Sun, Oct 26, 2003 at 06:01:09PM -0700, [EMAIL PROTECTED] said:
I'm a little puzzled, and I hope people won't object to my asking about
this.
As I see it, we're experiencing an ever-increasing flood of garbage network
traffic. While not all of it is easy or appropriate to target, it
Top posting self-reply: looks like a lot of what I've suggested may have
finally been acknowledged by MS, according to a recent Register.co.uk
article.
http://www.theregister.co.uk/content/56/33599.html
We can only hope ...
--
Scott Francis || darkuncle (at) darkuncle (dot) net
illum
[EMAIL PROTECTED] wrote:
So, tell me--are you willing to pay a premium for
unfiltered access to the Internet?:)
Yes, that's why I don't use AOL.
Peter
Recently, [EMAIL PROTECTED] wrote:
* But customers of broadband ISP aren't going to want to pay more than
$40 a
month for any such thing you add,
You are right about the average customer. But this mythical beast is
composed of some less than average customers who just want plain
vanilla
* But customers of broadband ISP aren't going to want to pay more than
$40 a
month for any such thing you add,
You are right about the average customer. But this mythical beast is
composed of some less than average customers who just want plain
vanilla cheap service and some more than average
* [EMAIL PROTECTED] (Stewart, William C (Bill), RTSLS) [Mon 27 Oct 2003, 07:27 CET]:
I'm really surprised to hear the assertion that people are
leaving unfirewalled Exchange servers out on the net.
Is this actually common?/shudders...
I, for one, strongly support your proposal of blocking
] On Behalf Of
Stewart, William C (Bill), RTSLS
Sent: Monday, October 27, 2003 1:27 AM
To: [EMAIL PROTECTED]
Subject: Re: ISPs' willingness to take action
Brian Bruns asserts that there are lots of home users connecting to
their office Exchange servers without VPNs, and that therefore blocking
Stewart, William C (Bill), RTSLS wrote:
I'm really surprised to hear the assertion that people are
leaving unfirewalled Exchange servers out on the net.
Is this actually common?/shudders...
If that causes you to shudder I won't tell you the extend of the
Exchange Servers I have found on
I'm really surprised to hear the assertion that people are
leaving unfirewalled Exchange servers out on the net.
Is this actually common?/shudders...
I don't think that the small shops know any better. It's
a matter of education, and in most of the cases I've seen
the education has been
VPN technologies are either too weak, like PPTP, too
expensive or difficult to grasp like IPsec, or too new
like the HTTPS tunnels.
A couple of years ago, I was working at a company that
used Exchange for corporate email. They had a web version
of Outlook that, I believe, was part of Exchange
On Mon, 27 Oct 2003, Stewart, William C (Bill), RTSLS wrote:
Brian Bruns asserts that there are lots of home users
connecting to their office Exchange servers without VPNs,
and that therefore blocking the Microsoft ports was bad.
While I agree with his point that you shouldn't do it
On Mon, 27 Oct 2003 04:54:30 -0500, Bob German [EMAIL PROTECTED]
wrote:
We implemented an IDS system.
Would you mind sharing some details on this, Bob? I've been thinking about
implementing IDS, but don't know the field well.
/kenw
Ken Wallewein CDP,CNE,MCSE,CCA,CCNA
KM Systems Integration
On Sun, 26 Oct 2003 [EMAIL PROTECTED] wrote:
A few things that make sense to me (as a non-ISP network consultant)
include:
Most ISPs are relatively secure. Yes, occasionally a backbone
router shows up on some list with a password of cisco. The major
problems are in the systems managed and
. Morrow [EMAIL PROTECTED]
To: Stewart, William C (Bill), RTSLS [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Sent: Monday, October 27, 2003 9:08 AM
Subject: Re: ISPs' willingness to take action
On Mon, 27 Oct 2003, Stewart, William C (Bill), RTSLS wrote:
Brian Bruns asserts that there are lots
On Mon, 27 Oct 2003 08:28:22 -0500, John Ferriby [EMAIL PROTECTED]
wrote:
VPN technologies are either too weak, like PPTP, too
expensive or difficult to grasp like IPsec, or too new
like the HTTPS tunnels.
Dunno about HTTPS; I prefer to avoid opening _any_ inbound ports through my
firewalls,
On 27 Oct 2003, at 10:25, Sean Donelan wrote:
Most ISPs are relatively secure. Yes, occasionally a backbone
router shows up on some list with a password of cisco. The major
problems are in the systems managed and installed on non-ISP networks
(i.e. end-users).
Maybe all the ISPs I've been
On Mon, 27 Oct 2003 10:25:36 -0500 (EST), you wrote:
...
As a non-ISP consultant, when a client asks you to configure their
Exchange server do you always conduct a top-to-bottom security analysis of
the client's entire business infrastructure and refuse to do business with
them until after they
On Sun, 26 Oct 2003 [EMAIL PROTECTED] wrote:
A few things that make sense to me (as a non-ISP network consultant)
include:
1) Summarily fencing/sandboxing/disconnecting clients sending high volumes
of spam, virii, etc. You might politely contact your commercial/static
clients first, but
On Mon, 27 Oct 2003, Joe Abley wrote:
Most ISPs are relatively secure. Yes, occasionally a backbone
router shows up on some list with a password of cisco. The major
problems are in the systems managed and installed on non-ISP networks
(i.e. end-users).
Maybe all the ISPs I've been
On Mon, 27 Oct 2003 10:25:36 -0500 (EST), Sean Donelan wrote:
Again, look the postal mail system. One proposal required everyone mail
letters in person at the post office, and show id to the postal clerk.
The problem is it really doesn't solve the problem. Third-party trust
systems don't scale
On Mon, 27 Oct 2003 [EMAIL PROTECTED] wrote:
I said low hanging fruit. I didn't say top-to-bottom security
analysis.
If I fixed every computer on the Internet today, tomorrow Microsoft would
sell 17,000 new insecure installs of Windows.
Low-hanging fruit would be to get Microsoft to change
On Mon, 27 Oct 2003 10:25:36 -0500 (EST), Sean Donelan wrote:
Again, look the postal mail system. One proposal required everyone mail
letters in person at the post office, and show id to the postal clerk.
The problem is it really doesn't solve the problem. Third-party trust
systems don't
MS Date: Mon, 27 Oct 2003 20:06:25 +1000
MS From: Matthew Sullivan
MS PS: Some of the worst are in the SORBS database because they
MS couldn't even work out how to secure them against simple
MS relay.
What's an open relay?
Exact quote from a local MCSE-happy consultancy. I expect
there are
John Ferriby wrote:
I'm really surprised to hear the assertion that people are
leaving unfirewalled Exchange servers out on the net.
Is this actually common?/shudders...
I don't think that the small shops know any better. It's
a matter of education, and in most of the cases I've seen
the
' willingness to take action
Brian Bruns asserts that there are lots of home users
connecting to their office Exchange servers without VPNs,
and that therefore blocking the Microsoft ports was bad.
While I agree with his point that you shouldn't do it
without documenting what you
PROTECTED]
Sent: Monday, October 27, 2003 9:52 AM
Subject: RE: ISPs' willingness to take action
VPN technologies are either too weak, like PPTP, too
expensive or difficult to grasp like IPsec, or too new
like the HTTPS tunnels.
A couple of years ago, I was working at a company that
used Exchange
Please bear in mind that much of this might be my take on viability,
practicality, or past activity related to some of these suggestions.
Moreover, this may not represent even my own opinions on the appropriate
course of action. Inline...
On Sun, Oct 26, 2003 at 06:01:09PM -0700, [EMAIL
On Sun, 26 Oct 2003, Terry Baranski wrote:
What if the great majority of your clients are bare PCs on broadband
circuits?
Well, you might just find that small ISPs, then BIG ISPs, stop accepting
mail from your dynamic IP customers. As a start.
- Original Message -
From: Eric Kuhnke [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Monday, October 27, 2003 8:34 AM
Subject: Re: ISPs' willingness to take action
One significant contributing factor to the lack of care or clue by mid and
large size ISPs is the level 1 helldesk. I
- Original Message -
From: Eric Kuhnke [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Monday, October 27, 2003 8:40 AM
Subject: RE: ISPs' willingness to take action
This is definitely a business opportunity for any ISPs that wish to take
advantage of it... Hire clueful abuse desk
Recently, [EMAIL PROTECTED] (Charles Sprickman) wrote:
This country is going down the crapper fast because no one can think 10
minutes ahead of where they're at. It's not just the computer business,
it's not just the healthcare system, it's everything. No one wants to
think things
I'm a little puzzled, and I hope people won't object to my asking about
this.
As I see it, we're experiencing an ever-increasing flood of garbage network
traffic. While not all of it is easy or appropriate to target, it seems to
me there's some low hanging fruit that could generate serious
ken,
---snip---
3) There was a thread a little while ago that talked about a way to cut
down spam by simply restricting who you would accept SMTP traffic from.
Unfortunately, I don't recall the details, but at the time it struck me as
eminently sensible, and just required cooperation
[EMAIL PROTECTED] wrote:
As I see it, we're experiencing an ever-increasing flood of
garbage network traffic. While not all of it is easy or
appropriate to target, it seems to me there's some low
hanging fruit that could generate serious gains with
relatively little investment.
I agree
Title: RE: ISPs' willingness to take action
Brian.. I would agree with you that sometimes, you can't offer filtered pipe services to everyone and expect the same general acceptance of the product across the board. However, how much liability should a business take-on when abuse@ accounts
- Original Message -
From: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Sunday, October 26, 2003 8:01 PM
Subject: ISPs' willingness to take action
By the way, can anybody explain to me a legitimate use for port 135/137
traffic across the Internet, like it's somebody's private LAN
On Sun, 26 Oct 2003, Adam Hall wrote:
Personally, I'm beginning to feel doubt that the technology industry
will be able to maintain the level of competence and respect that we all
need and deserve to have. I can't imagine what the health care industry
would be like if ignorance was embraced
Brian Bruns asserts that there are lots of home users
connecting to their office Exchange servers without VPNs,
and that therefore blocking the Microsoft ports was bad.
While I agree with his point that you shouldn't do it
without documenting what you are or are not blocking,
I'm really surprised
38 matches
Mail list logo
