-
> From: "Joseph Barnhart" <[EMAIL PROTECTED]>
> To: "Matthew S. Hallacy" <[EMAIL PROTECTED]>
> Cc: <[EMAIL PROTECTED]>
> Sent: Sunday, October 27, 2002 8:46 PM
> Subject: Re: How to secure the Internet in three easy steps
>
>
> >
&
On Mon, 28 Oct 2002 11:05:44 EST, [EMAIL PROTECTED] said:
> They take a total revenue that's somehow gets associated with selling cable
> and divide it by the price of the basic cable. The resulting number is the
> number of subscribers that they claim to have.
This of course is perfectly fine, a
Wow! They just don't count subscribers:).
I realize one way makes more sense from a "we've got more subscribers than
you do sense" but it wouldn't be that hard to count real subscribers one
wouldn't think.
On Mon, 28 Oct 2002 [EMAIL PROTECTED] wrote:
>
> > > In a public press release dated Au
> > In a public press release dated August, they claim to have
> > 1.8 million Internet customers. How that compares to the
> > global pool of cable users, I cannot say.
>
> One cable company I've done business here (Ontario, Canada) has over
> 500K subscribers, and I don't believe it has the
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:owner-nanog@;merit.edu] On
> Behalf Of Christopher Schulte
> Sent: October 27, 2002 9:22 PM
> To: William Warren; [EMAIL PROTECTED]
> Subject: Re: How to secure the Internet in three easy steps
>
> In a pu
At 09:03 PM 10/27/2002 -0500, William Warren wrote:
actually with the merger of At&t and comcast most cable inet customers
will be through them.
Until that happens however:
In a public press release dated August, they claim to have 1.8 million
Internet customers. How that compares to the glob
" <[EMAIL PROTECTED]>
To: "Matthew S. Hallacy" <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Sunday, October 27, 2002 8:46 PM
Subject: Re: How to secure the Internet in three easy steps
>
> Not really
>
> On Sun, 27 Oct 2002, Matthew S. Hallacy wrote:
>
On Sun, Oct 27, 2002 at 07:42:10PM -0600, Matthew S. Hallacy wrote:
>
> And they block port 80 inbound TCP further out in their network. Overall,
> cable providers more heavily than cable providers.
^-- s/cable/DSL/;
--
Matthew S. Hallacy
actually with the merger of At&t and comcast most cable inet customers
will be through them.
Joseph Barnhart wrote:
Not really
On Sun, 27 Oct 2002, Matthew S. Hallacy wrote:
On Sun, Oct 27, 2002 at 02:35:23PM -0500, Eric M. Carroll wrote:
Sean,
At Home's policy was that servers were admin
Not really
On Sun, 27 Oct 2002, Matthew S. Hallacy wrote:
>
> On Sun, Oct 27, 2002 at 02:35:23PM -0500, Eric M. Carroll wrote:
> >
> > Sean,
> >
> > At Home's policy was that servers were administratively forbidden. It
> > ran proactive port scans to detect them (which of course were subject
On Sun, Oct 27, 2002 at 02:35:23PM -0500, Eric M. Carroll wrote:
>
> Sean,
>
> At Home's policy was that servers were administratively forbidden. It
> ran proactive port scans to detect them (which of course were subject to
> firewall ACLs) and actioned them under a complex and changing rule set
ic Carroll
-Original Message-
From: [EMAIL PROTECTED] [mailto:owner-nanog@;merit.edu] On Behalf Of
Sean Donelan
Sent: October 25, 2002 5:36 PM
To: Paul Vixie
Cc: [EMAIL PROTECTED]
Subject: Re: How to secure the Internet in three easy steps
On Fri, 25 Oct 2002, Paul Vixie wrote:
> > Not only
> Source address validation, or more generally anti-spoofing filters, do
> not require providers maintain logs, perform content inspection or
> install firewalls. But source address validation won't stop attacks,
> viruses, child porn, terrorists, gambling, music sharing or any other
> evil that e
On Fri, 25 Oct 2002, Paul Vixie wrote:
> money. this whole thing is really about money. but "1" isn't getting
> done because the money that could be saved is by ISP "B" whereas the
> money which must be spent is by ISP "A". so, the nondeployment of BCP38
> is all about money, too.
As the other
"batz" == batz <[EMAIL PROTECTED]> writes:
batz> Assuming you are referring to "securing" as the balance of the
batz> holy triuvirate of Confidentiality, Integrity and Availability,
batz> there are other options than the modest proposals you made.
batz> The ISP doesn't have to manage the firew
> > not just the bad people. all the people. a network with 2 or 3 in place
> > is useless. there is no way to make 2 or 3 happen.
> As part of their anti-spam efforts, several providers block SMTP port
> 25, and force their subscribers to only use that provider's SMTP
> relay/proxy to send ma
On Fri, 25 Oct 2002, Sean Donelan wrote:
:Many corporate networks already proxy all their user's traffic, and
:prohibit direct connections through the corporate firewalls.
:
:I think its a bad idea, but techincally I have a hard time saying its
:technically impossible.
Well, it is also technical
Actually, I'm not certain but athome didn't seem to proxy or block
anything. I ran my home linux box off at home for a while and never had
any problem with any ports including http and mail. Also, it seems to me
that I tried something similar for a goof with an aol dialup and it worked
as well.
On Fri, 25 Oct 2002, Paul Vixie wrote:
> > Not only that, but unless _everyone_ implements 2 and/or 3, all the bad
> > people that exploit the things these are meant to protect will migrate to
> > the networks that lack these measures, mitigating the benefits.
>
> not just the bad people. all the
On Fri, 25 Oct 2002, Sean Donelan wrote:
:Assuming no time, money, people, etc resource constraints; securing the
:Internet is pretty simple.
Assuming you are referring to "securing" as the balance of the holy
triuvirate of Confidentiality, Integrity and Availability, there
are other options th
> This seems to be a catch-22; no one will implement these for the good of the
> net because it costs money, and ignorant competitors that don't implement
> them will not share in that expense. Have any such ideas been implemented
> in the modern internet? How?
>
Not to mention that 2 or 3 woul
> Not only that, but unless _everyone_ implements 2 and/or 3, all the bad
> people that exploit the things these are meant to protect will migrate to
> the networks that lack these measures, mitigating the benefits.
not just the bad people. all the people. a network with 2 or 3 in place
is usel
"Sameer R. Manek" wrote:
>
> Paul Vixie wrote:
> > Sean Donelan wrote:
> > > I didn't make any of these up. They've all been proposed by serious,
> > > well-meaning people.
> >
> > i recommend caution with your choice of words. apparently not everyone
> > treats "well meaning" as the compliem
> i don't believe that 2 or 3 will ever happen, for simple market reasons --
> it is harder to make money if you do 2 or 3. however, 1 only costs a
small
> bit of ops expense, and has no market impact at all, so it's practical in
> simple economic terms.
Not only that, but unless _everyone_ impl
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:owner-nanog@;merit.edu]On Behalf Of
> Paul Vixie
> Sent: Friday, October 25, 2002 12:39 PM
>
> > > i can see how the end to end principle applies in cases 2 and
> 3, but not 1.
> >
> > I didn't make any of these up. They've all been
> > > 1. Require all providers install and manage firewalls on all subscriber
> > > connections enforcing source address validation.
> >
> > i can see how the end to end principle applies in cases 2 and 3, but not 1.
>
> I didn't make any of these up. They've all been proposed by serious,
> well
On 25 Oct 2002, Paul Vixie wrote:
> > 1. Require all providers install and manage firewalls on all subscriber
> > connections enforcing source address validation.
>
> i can see how the end to end principle applies in cases 2 and 3, but not 1.
I didn't make any of these up. They've all been propo
> Assuming no time, money, people, etc resource constraints; securing the
> Internet is pretty simple.
>
> 1. Require all providers install and manage firewalls on all subscriber
> connections enforcing source address validation.
>
> 2. Prohibit subscribers from running services on their own mac
At 13:14 -0400 10/25/02, Sean Donelan wrote:
Are there some down-sides? Sure. But who really needs the end-to-end
principle or uncontrolled innovation.
The context of the above is, of course, sarcastic. But it reminded
me of a quote that once appeared on mailing list that is germane to
this
29 matches
Mail list logo
