On Sat, 7 Apr 2007 20:41:19 -0500 (CDT) Robert Bonomi <bonomi@mail.r-bonomi.com> wrote:
BLUNT QUESTIONS: *WHO* pays me to figure out 'which parts' of a provider's network are riddled with problems and 'which parts' are _not_? *WHO* pays me to do the research to find out where the end-user boundaries are? *WHY* should _I_ have to do that work -- If the 'upstream provider' is incapable of keeping _their_own_house_ clean, why should I spend the time trying to figure out which of their customers are 'bad guys' and which are not?
A provider *IS* responsible for the 'customers it _keeps_'.
And, unfortunately, a customer is 'tarred by the brush' of the reputation of it's provider.
Um, with that reasoning, why not just block the whole /0 and be done with it? Seriously, I used to share your frustration and would block large swaths of the Internet for rather minor offenses. I finally realized this practice didn't help. Why not get yourself some sort of intrusion detection/prevention system or fully firewall your hosts. If you have a spam problem, get an e-mail security appliance which uses reputation filtering to reject connections? matthew black california state university, long beach