25 Oct
2001
25 Oct
'01
8:58 p.m.
Wow ... I see another long thread coming :( ACLs are a reactive solution. An ICMP probe or two may be unwanted but not excessive. 441 times (depending on the size of ones network) could be excessive. Why should I have to waste processor cycles to keep these guys out.
At 08:37 PM 10/25/2001, Christopher J. Wolff wrote:
Unfortunately, in this case I am not a customer of Digital Island in any way, nor have I given them authorization to hammer my network 441 times
(and
counting) in the last two hours.
They're of the opinion that they don't need your permission... if they want to hammer your network, they will.
'course, a nice ACL at the borders reminds 'em who your network actually belongs to