[AusNOG] Softlayer tech pls contact re brute force from your network

Andrew McN andrew at mcnaughty.com
Tue Dec 6 16:26:35 EST 2016 

Note that Softlayer host servers for PrivateInternetAccess.com's VPN
service.

Given the metadata retention issue, It's to be expected that many
legitimate users will use VPNs (and far more should do so), and that
tends to break a lot of assumptions re stopping miscreant traffic at the
source.

You can block incoming traffic from softlayer, and it may be that you
can get softlayer to block outgoing traffic to you.  Either approach is
likely to block legitimate traffic.

Andrew


On 06/12/16 15:03, Paul Wilkins wrote:
> /Or am I just being a stick-in-the-mud old-skewl fart?
> 
> /
> Ross,
> Not at all.
> 
> In fact, the Telecommunications Sector Security Reform bill is slowly
> wending its way into legislation.
> 
> https://www.ag.gov.au/telcosecurity
> 
> I'm not sure exactly what "establishing a security obligation,
> applicable to all C/CSPs requiring them to do their best to protect
> their networks from unauthorised access and interference" will mean in
> practice, but the point is, there will be an obligation to "do your
> best". The terminology strikes me as odd though, because I thought we
> already did our best, that's how we get to keep our jobs.
> 
> Kind regards
> 
> Paul Wilkins
> 
> 
> 
> On 6 December 2016 at 14:41, Ross Wheeler <ausnog at rossw.net
> <mailto:ausnog at rossw.net>> wrote:
> 
> 
> 
>     On Mon, 5 Dec 2016, Scott Howard wrote:
> 
>         http://www.fail2ban.org/
> 
>          Scott
> 
> 
>     Blocking at the destination is a quick way to reduce the impact, but
>     it still consumes resources, wastes bandwidth and leaves the
>     original host (the source of the problem) un-addressed.
> 
>     If the box has been compromised, I'm sure the owner would like to know.
>     If the owner is using it for questionable or illegal activity, I'd
>     expect the hosting provider would like to know about it and take action.
> 
>     A firewall rule at (a singular) endpoint might be the current "least
>     effort" way of addressing network problems, but imagine if everyone
>     did their job and kept their particular corner of the internet tidy,
>     how much easier it'd be for us all?
> 
>     Or am I just being a stick-in-the-mud old-skewl fart?
> 
>     _______________________________________________
>     AusNOG mailing list
>     AusNOG at lists.ausnog.net <mailto:AusNOG at lists.ausnog.net>
>     http://lists.ausnog.net/mailman/listinfo/ausnog
>     <http://lists.ausnog.net/mailman/listinfo/ausnog>
> 
> 
> 
> 
> _______________________________________________
> AusNOG mailing list
> AusNOG at lists.ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog
>

More information about the AusNOG mailing list