From: Jason Slagle [mailto:raistlin@tacorp.net] Sent: Tuesday, November 21, 2000 5:53 AM
You basically have 3 choices here.
1) Filter known trojan ports to your customers (Which argueably may or may not include port 139)
2) Routinely scan your customer blocks and inform them of trojans they could be infected with, and any open shares.
3) Do nothing and deal with the possible fallout which may include turning down the customers port, if they get compromised.
Which do YOU view as the lesser of the evils here.
Your arguing 1 isn't doable. 2 is possibly a no go, depending on the contract and customer also, and 3 isn't very good either.
There is a fourth that I'm surprised that only one or two of you picked up on (private mail). 4) Offer port filtering as an added premium service that adds to your revenue stream. That way it is customer choice. However, this only applies to access providers. Backbone providers don't have this option.