From owner-freebsd-isp Fri Aug 20 16:37:44 1999 Delivered-To: freebsd-isp@freebsd.org Received: from filer2.isc.rit.edu (filer2.isc.rit.edu [129.21.3.107]) by hub.freebsd.org (Postfix) with ESMTP id 3729B14E81 for ; Fri, 20 Aug 1999 16:37:42 -0700 (PDT) (envelope-from jcptch@osfmail.isc.rit.edu) Received: from grace ("port 1500"@[129.21.3.102]) by osfmail.isc.rit.edu (PMDF V5.2-32 #34621) with SMTP id <0FGS00KKXEVJIY@osfmail.isc.rit.edu> for freebsd-isp@freebsd.org; Fri, 20 Aug 1999 19:35:43 -0400 (EDT) Received: by grace (5.65v4.0/1.1.19.2/21Sep98-0910AM) id AA26487; Fri, 20 Aug 1999 19:35:42 -0400 Date: Fri, 20 Aug 1999 19:35:42 -0400 From: Jon Parise Subject: Re: multiple machines in the same network In-reply-to: <37BDA7A6.D999F103@ispro.net.tr>; from yurtesen@ispro.net.tr on Fri, Aug 20, 1999 at 10:08:22PM +0300 To: freebsd-isp@freebsd.org Mail-followup-to: freebsd-isp@freebsd.org Message-id: <19990820193542.A27435@osfmail.isc.rit.edu> MIME-version: 1.0 Content-type: text/plain; charset=us-ascii User-Agent: Mutt/0.96.3i X-Operating-System: OSF1 V4.0 (alpha) References: <37BDA7A6.D999F103@ispro.net.tr> Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Fri, Aug 20, 1999 at 10:08:22PM +0300, Evren Yurtesen wrote: > We are an ISP and we want to let our customers to put their own hardware > into our network. But the thing we are concerned about is security of > course. How can we protect our system from customers' machines? In addition to the other response, you might also want to consider a network device that can handle bandwidth limiting and/or accounting. At the very minimum, employ a decent switch. That way, you'll at least be able to disable the port should one of the colocation boxes get attacked or something. -- Jon Parise (parise@pobox.com) . Rochester Inst. of Technology http://www.pobox.com/~parise/ : Computer Science House Member To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message