North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

RE: Customer-facing ACLs

  • From: Carpenter, Jason
  • Date: Fri Mar 07 19:17:58 2008
  • Accept-language: en-US
  • Acceptlanguage: en-US

That's the problem isn't it? Who decides what can and cant go through. I think the tier approach is better, a basic user account where everything is blocked and a Sysadmin type account where everything is open. If the price is different enough then only people who are going to use those extra ports will actually pay for it.

-----Original Message-----
From: [email protected] [mailto:[email protected]] On Behalf Of Scott Weeks
Sent: Friday, March 07, 2008 5:57 PM
To: [email protected]
Subject: Re: Customer-facing ACLs

--- [email protected] wrote:

> To me there is no question of whether or not you filter traffic for
> residential broadband customers.

SBC in my area (Dallas) went from wide open to outbound 25 blocked by
default/opened on request. I think doing the same thing with port 22 would
hardly be an undue burden on users, and would help keep botnets in check.

Might as well do TCP 20, 21 and 23, too.  Woah, that slope's getting slippery!



The contents of this message and any attachments may be confidential and proprietary and also may be covered by the Electronic Communications Privacy Act. This message is not intended to be used by, and should not be relied upon in any way by, any third party.  If you are not an intended recipient, please inform the sender of the transmission error and delete this message immediately without reading, disseminating, distributing or copying the contents. Citadel makes no assurances that this e-mail and any attachments are free of viruses and other harmful code.