Reply to post:

Linode: Back at last after ten days of hell

Anonymous Coward
Anonymous Coward

The basic problem seems to be some assumption that firewalls are supposed to keep the risky internet out of the trusted intranet. Defaults should be that outside traffic cannot appear to be from the inside and that inside traffic cannot appear to be from the outside.

Since the ultimate defense against malfunctioning nodes is to simply unplug them, a protective firewall really needs to be able to prevent spoofed UDP traffic (apparently impossible to do with 1&1's "advanced" Cisco Firewalls).

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019