Chapter 2: ISP Security Practices--Separating Fact from Fiction

Overview

Many people assume that ISPs are completely secure, always watching out for attacks, and always protecting customers. Some do, and some do not. In this chapter, we'll point out some of the core aspects of ISP security and what we've found over the years to be fact, but also what we've found to be fiction. Our intent is not to beat up on all ISPs, nor to tell you that all ISPs are remiss when it comes to security practices. Rather, we want you to understand that to the extent that you depend on your ISP for services, your security is in your ISP's hands!

The topics covered here are beyond your ability to control as a customer, but you need to understand how an ISP network is designed and maintained , and what security precautions they should be taking on your behalf . If you understand the components of an ISP network related to security, you can ask intelligent questions of your ISP (or prospective ISP), and become a more informed buyer.

We will cover the following components of ISP security practices, and how ISPs can protect their networks (thereby protecting you) from risk of attack.

• Components of ISP Security Background on ISP network infrastructure impacting security of the ISP and customer networks.

• Exposing Weaknesses in ISP Security How attackers can impact your security through weaknesses in your ISPs security posture .

• Internet RoutingA Little Deeper A more advanced view of Internet routing including BGP and the path selection process, routing within the ISP's network, and routing between ISPs.

• Routing Policy How ISPs determine what to route and where to route it. We also look at ways attackers may influence routing policy.

• ISP Acceptable Use Policy and Incident Response Typical Acceptable Use Policies of providers and the types of monitoring and incident response implemented by ISPs to identify and track attacks.