|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: Even you can be hacked
--On Thursday, June 10, 2004 11:11 -0700 Mark Kent <[email protected]> wrote: But ultimately, _you_ are responsible for your own systems.When I detect abusive behavior coming from a customer site then it is my responsibility to make sure that doesn't affect the rest of the world. To some extent, yes. I agree that his ISP should have shut him down much earlier than they did, but, I suspect this guy would be pretty unhappy about that, too. Also, if I know how to fix it at source and the customer doesn't know then it's my responsibility to make sure the customer has the tools and resources to fix it. How fast it gets fixed is not a primary concern because of the previous paragraph. I'm less convinced of this. Certainly, it's the nice thing to do, but, I'm not convinced you have any responsibility. It's what I would do. It's the neighborly thing to do. It's the good customer service thing to do. All of those things put it in a very different context than "I have a responsibility". Parallels to fire/water/electricity/etc. don't quite work because there is a big difference between the worm that came out yesterday and the National Electrical Codes that came out last century. Yes and no. If a customer starts dumping dirty power onto the electric grid, believe me, it will cause problems for other customers almost as quickly (although over a smaller area) as yesterday's worm. If the sanitary sewer develops a clog at the end of the street, it is the neighbor at the bottom of the hill that will suffer when the neighbor at the top of the hill flushes. The analogies at least work in terms of who has responsibility for fixing the machine. It is not your responsibility to fix your customer's machine unless that is an additional service they have contracted you for. I don't want my ISP telling me how to run my machine, nor do I want them controlling what packets I do and don't receive. Customers who do want those services should be able to find ISPs that offer them as a value add. I don't want them, and I would be angered if they were dictated to me. Owen -- If this message was not signed with gpg key 0FE2AA3D, it's probably a forgery. Attachment:
pgp00022.pgp
|