Re: NSPs filter?

From: Chris Woodfield (no email)
Date: Mon Aug 05 2002 - 14:30:12 EDT


I'll clarify this...I already noted that antispoof filtering is an exception,
and I'll agree that RPF fits loosely under the antispoofing definition as well,
albiet in the other direction.

-C

On Sun, Aug 04, 2002 at 11:19:35PM -0400, Chris Woodfield wrote:
> IMO, Commercial ISPs should never filter customer packets unless
> specifically requested to do so by the customer, or in response to a
> security/abuse incident.
>
> Consumer ISPs are much more likely to have clauses in the AUPs that are
> enforced premptively via packet filtering - antispoof filters (honestly,
> antispoof filtering is, IMHO, the one expection to my "commercial ISPs
> should not filter" rule), port blocks to prevent customers running
> servers, outbound SMTP blocks to off-provider systems to stop direct-to-MX
> spamming, ICMP rate limiting, et al. All of which are fine by me as long
> as they clearly assert their right to do so in their AUP - that is, as
> long as there's a comparable provider I can use instead.
>
> -C
>
> On Sun, Aug 04, 2002 at 02:37:12PM +0000, wrote:
> >
> > > Good day,
> > >
> > > What NSPs do filter packets, and can really deal with DoS and DDoS attacks?
> > >
> > > -Abdullah Bin Hamad A.K.A Arabian
> >
> > The shorter shorter list would be the NSPs that do NOT filter
> > packets. I can't think of an NSP that does not filter.
> >
> > --bill










Hosted Email Solutions

Invaluement Anti-Spam DNSBLs



Powered By FreeBSD   Powered By FreeBSD