On Thu, Aug 09, 2001 at 11:01:38AM -0400, Travis Pugh wrote:
I'd think that a good default stance would be to block all incoming TCP connections that aren't part of an established session, for all broadband customers. Most of them would never notice, as email and http still work.
Consider things like IRC DCC and (more mainstream) instant messaging direct connections for file transfers, voice, etc. Limiting this to privileged ports (<1024) might be more viable.
Run an abuse department that responds quickly to customers
I thought there was an RFC defining the abuse@ alias as the bit bucket... ;-]
... except to say it's nice to see someone trying to wrap their head around these issues.
Wholeheartedly agreed. -jeff -- Jeff Gehlbach, Concord Communications <jgehlbach@concord.com> Senior Professional Services Consultant, Atlanta ph. 678.265.6067 fax 770.384.0183