On Sep 8, 2010, at 9:59 AM, Martin Hotze wrote: >> -----Original Message----- >> Date: Wed, 08 Sep 2010 08:54:20 -0700 >> From: Charles N Wyble <[email protected]> >> Subject: NOC Automation / Best Practices >> To: [email protected] >> >> NOGGERS, >> >> (...) >> The way I see it, an ounce of prevention is worth a pound of cure. >> Along >> those lines, I'm putting in some mitigation techniques are as follows >> (hopefully this will reduce the number of incidents and therefore calls >> to the abuse desk). I would appreciate any feedback folks can give me. >> >> A) Force any outbound mail through my SMTP server with AV/spam >> filtering. >> B) Force HTTP traffic through a SQUID proxy with SNORT/ClamAV running >> (several other WISPs are doing this with fairly substantial bandwidth >> savings. However I realize that many sites aren't cache friendly. >> Anyone >> know of a good way to check for that? Look at HTTP headers?). Do the >> bandwidth savings/security checking outweigh the increased support >> calls >> due to "broken" web sites? >> C) Force DNS to go through my server. I hope to reduce DNS hijacking >> attacks this way. >> >> Thanks! > > For either A, B or C you won't get my business, let alone a combination of > all 3. *wah!* There is too much FORCE here. :-) > > #m >
+1 Owen
