North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

RE: ISPs as content-police or method-police

  • From: Christian Kuhtz
  • Date: Mon Nov 20 12:08:18 2000

> On Mon, 20 Nov 2000 09:21:10 MST, Ehud Gavron said:
> > It is clear (to me) that customers who get a connection
> > to the net do NOT want that connection limited nor
> > censored.
> Unfortunately, it's NOT clear that this is the case.  The average customer
> just THINKS they want something.  The question of whether it's something
> actually reasonable to do is a different issue....

What doesn't make sense in that argument is why you couldn't just simply
upsell the customer to a managed fw solution etc if that's the concern.
Educate them, and let them decide based on the education they received.

> Remember - the *reason* this is a point worth discussing at *ALL* is because
> such a large percentage of customers don't have a CLUE - if (for instance)
> 98% of the shops had enough clue to close down open shares, we'd
> not be seeing
> so many scans for them.

Well, again, I don't believe in 'censoring' traffic by default.  I do believe
in offering options for those people who decide to do so and can't/don't want
to do it themselves.

> I suspect that if a large percentage of Tier 1/2 carriers actually filtered
> ports 137 through 139, we'd not be seeing anywhere near the amount
> of QAZ and
> similar activity.

I wouldn't be so sure, particularly because of the legal exposure...

> And as has been pointed out, you can ALWAYS punch a hole
> in the filter for customers who like to live risky, or they can find other
> ways to tunnel their packets.

At SP scale?  Think again.


Christian Kuhtz <[email protected]> -wk, <[email protected]> -hm
Sr. Architect, Engineering & Architecture,, Atlanta, GA, U.S.
"I speak for myself only."