Peter Tribble wrote:
That doesn't seem right. Fix the users so they do the right thing.
I know it isn't ... but for an ISP it's more complicated...
If it really is based on application, then you end up writing some
sort of proxy server
to intercept the traffic and parse it. Or if the errant users can be
identified by IP
address, then you could probably put together something with IP filter
to redirect
them to some other port.
We certainly have to see how many customers are abusing well-known
ports. Maybe we just have to "punish" them.
I've investigated the issue a bit more, and there are some companies
that build firewall proxies.
But I would certainly prefer not to allow such traffic to pass.
_______________________________________________
sysadmin-discuss mailing list
sysadmin-discuss@opensolaris.org
http://mail.opensolaris.org/mailman/listinfo/sysadmin-discuss
