> -----Original Message----- > Date: Wed, 08 Sep 2010 08:54:20 -0700 > From: Charles N Wyble <[email protected]> > Subject: NOC Automation / Best Practices > To: [email protected] > > NOGGERS, > > (...) > The way I see it, an ounce of prevention is worth a pound of cure. > Along > those lines, I'm putting in some mitigation techniques are as follows > (hopefully this will reduce the number of incidents and therefore calls > to the abuse desk). I would appreciate any feedback folks can give me. > > A) Force any outbound mail through my SMTP server with AV/spam > filtering. > B) Force HTTP traffic through a SQUID proxy with SNORT/ClamAV running > (several other WISPs are doing this with fairly substantial bandwidth > savings. However I realize that many sites aren't cache friendly. > Anyone > know of a good way to check for that? Look at HTTP headers?). Do the > bandwidth savings/security checking outweigh the increased support > calls > due to "broken" web sites? > C) Force DNS to go through my server. I hope to reduce DNS hijacking > attacks this way. > > Thanks!
For either A, B or C you won't get my business, let alone a combination of all 3. *wah!* There is too much FORCE here. :-) #m
