12/11/2008
Arbor Belgian Internet Attack Index for today
The good news is that the problem with the internal DNS servers of Belgacom (or the traffic they seemed to be directing to servers that are known to be malicious) is resolved. We have seen those servers popping up now and then, so I hope they have installed some permanent monitoring instead of just blocking some traffic.
Yesterday also showed the importance of statistics and monitoring. If you are monitoring your network and you have real-time (or periodic) statistics, then you can see your priorities very clearly. If you took out just 1 server or PC here that is heavily scanning/attacking, your global numbers would fall enormously. You should concentrate on the big numbers, the big guys, first, and if you have any time left, then you can start cleaning up the small culprits one by one.
In our book club and books you can find some material about security metrics, something you really must implement, especially in hard times when you have to ask yourself: what will I do first, and what has the biggest impact immediately?
So really, I don't care about those small ones, because I understand that you can't clean them all at the same time. But when critical infrastructure (like DNS), big permanent servers or parts of your network are being used to scan and attack the rest of the Belgian internet, then it is normal that I expect you to try to get at least those big attackers under control.
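To make the "big numbers first" triage concrete, here is an added example (not part of the original post, and not Arbor's tooling) that ranks sources by their share of logged events and returns the short list to clean up first. The log format, the addresses and the counts are constructed for illustration.

```python
from collections import Counter

# Constructed sample data (not from the post): events per source address,
# using documentation IP ranges. One host dominates, as the post describes.
_CONSTRUCTED = {"192.0.2.10": 900, "198.51.100.7": 60, "203.0.113.5": 25,
                "203.0.113.9": 10, "198.51.100.44": 5}
SAMPLE_LOG = [f"2008-11-11T10:00:00 {src} 445 SCAN"
              for src, n in _CONSTRUCTED.items() for _ in range(n)]
SAMPLE_LOG.append("garbled line")  # sensors do emit junk; it must be skipped


def count_sources(lines):
    """Count events per source from 'timestamp src dst_port tag' lines."""
    counts = Counter()
    for line in lines:
        fields = line.split()
        if len(fields) != 4 or not fields[2].isdigit():
            continue  # skip malformed records instead of miscounting them
        counts[fields[1]] += 1
    return counts


def ranked(counts):
    """Return (source, events, share, cumulative_share), biggest first."""
    total = sum(counts.values())
    rows, running = [], 0
    for src, n in counts.most_common():
        running += n
        rows.append((src, n, n / total, running / total))
    return rows


def cleanup_priority(counts, target=0.95):
    """Smallest set of top sources that accounts for `target` of all events."""
    picked = []
    for src, _n, _share, cumulative in ranked(counts):
        picked.append(src)
        if cumulative >= target:
            break
    return picked


if __name__ == "__main__":
    counts = count_sources(SAMPLE_LOG)
    for src, n, share, cum in ranked(counts):
        print(f"{src:15} {n:5} {share:6.1%} {cum:6.1%}")
    print("clean up first:", cleanup_priority(counts))
```

On this sample, two of the five sources account for 96% of all events, so fixing those two hosts removes almost all of the measured activity.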

We would also like to warn that you definitely need some anti-DDoS protection, whether you are a hosting firm, an ISP or a big network. Most new intelligent firewalls and routers have such functions. It will cost you a bit more, but it is necessary. Yesterday these sensors detected 13 DDoS attacks AGAINST the Belgian network. We have always said that the presence of international institutions in Belgium makes this 'normal'.
08:58