North American Network Operators Group|
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical
Re: Operational impact of filtering SMB/NETBIOS traffic?
On Mon, Nov 20, 2000 at 04:12:19AM -0800, Mathew Butler wrote: > Ah, but here's the rub: Is there anything, from a business standpoint (read: > contracts), that says that you have the right, much less the obligation, to > make 'security' decisions for the customer? If not, you're opening your > company up to massive lawsuits. Let me get this straight; you think that instead of shooting you an email asking that the port be opened, your customer is going to call in the lawyers and file suit? WTF are your customers? > It's a -very- touchy subject -- but I, as a customer, want exclusive right > to make filtering decisions over what goes from my network to the peering > point, where the other backbone providers can choose their own policy. The > reason for this is so that, if necessary, I can run any protocol I have a > need to run over all circuits that I have that are connected to the same > ISP. Well, tough. We all filter various things, whether that be RFC 1918 addresses, NetBIOS, or Other. There's not a thing wrong with filtering by default, and removing if the customer asks, and since I did it for years without getting sued I reject your entire argument that the latter is what will occur. > Or are you thinking that the only clueful people in the network world exist > at the NSPs? No, I'm thinking 99% of them exist at the NSPs. My experience has so far borne this out. Then again, I've been no higher than Tier 3, so WTF do I know? :-)