On 12-Nov-2009, at 21:55, McDonald, Dan wrote: > On 11/12/09 9:42 PM , > luis.daniel.lu...@gmail.com wrote: >> Again me, Well, in the security scope i use a principle that states that >> you > souldnt use a lower layer solution to fix a >higher one. So SPAM is a Layer > 7 >> problem that is used to fixed with a Layer 3 solution (RBL). > > So, worms like conficker are layer 7 applications. Should we not apply a > layer 4 access control (stopping port 445 at the AS border) to help mittigate > the spread of it?
RBLs are a L3 solution to an L3 problem (I don't want THAT server talking to my server). It's L3 all the way. L4 applies after the connection has been established (which is why it's called the Transport Layer) -- I WILL NOT DEFAME NEW ORLEANS Bart chalkboard Ep. 9F01