Ron DuFresne wrote:
>
> I disagree it is the responsibility only of the ISP. It is a matter of
> *personal* responsibility, unless specifically outsourced.
I'd say it is both.
What is clear is that the ISP has the ability to do certain things very
easily and inexpensively that may be quite difficult for most customers
to do. For example, using access-lists to deny non-established
access to certain ports frequently scanned by script kiddies is quite
easy to do.
On at least some Cisco routers, you can even associate access-lists with
users on a user by user basis. It would be quite easy for ISPs using
those routers to apply access-lists to those customers interested in
greater security.
What we don't want is every customer to have to have a firewall in order
to have any degree of security greater than the most minimum basics. In
the case of cable systems, the security problem is going to be greater
than for dial-ups just because the computers are far more likely to be
on-line longer, and thus remain targets longer, and because the higher
access speed is more likely to make them a target.
Of course, if you want security, use a good firewall, but connect it to
the internet through a 300 baud modem.
Eric Johnson
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
