On Aug 6, Christopher Masto <chris@netmonger.net> wrote:
On Tue, Aug 05, 1997 at 12:30:25PM -0400, Greg A. Woods wrote:
The other issue mentioned by Dana is the fact that everyone (esp. the "huge players"!) should have already implemented anti-spoofing IP filters and should also be preventing dial-up customers from connecting to anything but the providers authorised mail gateways on port 25. (I still don't know why routers don't default to minimum anti-spoofing and private net filtering rules!)
I don't know about the "huge players", but we're an Internet Service Provider, not an Internet Blockage Provider. We don't allow spoofing, and we don't allow relaying, but we're not about to put filters to prevent dialup customers from connecting wherever they want.
How 'bout to stop them from connection wherever they want, spoofing their IP address so it looks like it's your box at home that's hacking into the NSA instead of them? This is an extreme example, but hopefully it illustrates the reason that a little simple filtering is a Good Thing[TM]. ********************************************************* J.D. Falk voice: +1-415-482-2840 Supervisor, Network Operations fax: +1-415-482-2844 PRIORI NETWORKS, INC. http://www.priori.net See us at ISPCON '97, booth #501 "The People You Know. The People You Trust." *********************************************************