[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Tier1 blackholing policy?

On Apr 30, 2013, at 10:07 PM, Chris Boyd wrote:

> 3 - Deliver all packets unless I've signed up for an enhanced security offering?

Even if said packets from an obviously compromised server on a high-speed link are attack packets causing problems for the ISP itself as well as for its customers?  

Trust me, large transit ISPs don't *want* to be in the blackholing business.  They only do so when they're forced into it by necessity (operational, legal, regulatory).

Also note that in the case of the server(s) you can't access, they may well be on shared hosting with thousands of sites/accounts on a single IP, one or more of which may be compromised.

Roland Dobbins <rdobbins at arbor.net> // <http://www.arbornetworks.com>

	  Luck is the residue of opportunity and design.

		       -- John Milton