|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Math 011 (Re: "Default" Points on your Internet "Re: Re: Re:")
GR> Date: Mon, 14 Jun 2004 21:47:49 -0400
GR> From: George Roettger
GR> Virus infections are a day to day occurance, not some
And being the status quo justifies something how?
GR> critical emergency DOS condition and they should be handled
GR> with concern but not panic. Customers are the priority, not
GR> everyone else on the net. If you can't stand up to 4 port
GR> probes then you don't belong on todays internet.
Four port probes per day? It's been the better part of a decade
since I saw that... and, back in those days, I actually _called_
many of the domestic networks that were attempting funny
business. (You'd not believe how many network admins were on
vacation...)
Rather than waving my hands at vague concepts, I'll set forth a
few hypothetical data points:
* You have an infected machine that has absolutely no chance of
harming anyone else. Should you care? ("Yes" reflects concern
about the customer; "no" is the Internet-minded attitude.) At
any rate, disconnection would be foolish.
* That customer will infect one other system per month. It would
be nice to stop that, but disconnection would be overly harsh.
* I have an infected machine that pounds out attacks and exploits
at high speeds, hurting thousands of systems hourly. Would you
like it shut off? Probably. Do you not agree that this is
grounds for disco/throttling/proxy -- at least temporarily?
If you don't agree with me on the extremes, I think you're nuts.
If you agree with me on the extremes, then we're arguing over
where the boundaries should be.
The problem is one of leverage: One compromised system can
affect hundreds, thousands, or even tens of thousands of others.
It's far easier to quell _one_ infected system at the source than
it is for even two (let alone orders of magnitude higher) other
people to deal with the fallout when they're hit.
Is your { customer | time | whatever } more valuable than the
aggregate of those who suffer? If you think so, that's arrogant
even for NANOG.
Yes, we've lost customers who refused to take care of their
systems. We've also gained other customers and consulting
clients who appreciate the "try to keep things clean" mentality.
Eddy
--
EverQuick Internet - http://www.everquick.net/
A division of Brotsman & Dreger, Inc. - http://www.brotsman.com/
Bandwidth, consulting, e-commerce, hosting, and network building
Phone: +1 785 865 5885 Lawrence and [inter]national
Phone: +1 316 794 8922 Wichita
_________________________________________________________________
DO NOT send mail to the following addresses :
[email protected] -or- [email protected] -or- [email protected]
Sending mail to spambait addresses is a great way to get blocked.
|