Fair enough :-) I know its not ideal, and it does break a lot of things e.g. IKE, etc. I really don't think there is a good answer to the DSL filtering question. Should the ISP do policy routing, and just sell filtered access as a product? Or should common exploit filtering be done even further upstream, on the backbones? If the ISP provides the filtering, will TCNZ policy route Jetstream (as opposed to Jetstart) users through those filters? Although possible, I guess it really comes down to who's going to pay for it. Cheers, Gordon
-----Original Message----- From: Joe Abley [mailto:jabley(a)automagic.org] Sent: Thursday, 20 September 2001 15:07 To: Gordon Smith Cc: Nznog Subject: Re: [jim(a)cyberjunkees.com: Re: FW: Worm probes]
Why? It wouldn't be visible to the rest of the world, and would
On Thu, Sep 20, 2001 at 03:01:23PM +1200, Gordon Smith wrote: provide the
protection asked for, albeit with a reduction in functionality. That would even hide the IPNet RFC1918 addresses currently visible to the world :-)
I agree, that would be a bonus :)
Actually, I guess it could be done in a way that looked reasonable from the outside, even given Jetstream's wholesaleness. My mail was mainly a knee-jerk reaction to the idea of handing out RFC1918 addresses for public internet access, ever, tempered with a healthy loathing of NAT.
Joe
--------- To unsubscribe from nznog, send email to majordomo(a)list.waikato.ac.nz where the body of your message reads: unsubscribe nznog