Ah, but here's the rub: Is there anything, from a business standpoint (read: contracts), that says that you have the right, much less the obligation, to make 'security' decisions for the customer? If not, you're opening your company up to massive lawsuits. It's a -very- touchy subject -- but I, as a customer, want exclusive right to make filtering decisions over what goes from my network to the peering point, where the other backbone providers can choose their own policy. The reason for this is so that, if necessary, I can run any protocol I have a need to run over all circuits that I have that are connected to the same ISP. If it is shown that my network is relaying spam traffic, or is otherwise abusing the precepts of "Maintain Control Over What Flows In To And Out Of Your Network", only -then- would I think that control should be exercised by the NSP, and only then to the extent necessary to stop the abuse. And a hefty fine should be imposed on my company in that circumstance. Or are you thinking that the only clueful people in the network world exist at the NSPs? -Mat Butler -----Original Message----- From: Shawn McMahon [mailto:smcmahon@eiv.com] Sent: Sunday, November 19, 2000 4:53 AM To: nanog@merit.edu Subject: Re: Operational impact of filtering SMB/NETBIOS traffic? On Sat, Nov 18, 2000 at 08:19:12PM -0800, Roeland Meyer wrote:
because we want shares. You are considering killing off a whole bunch of legitimate use because some are too brain-dead to not have unintentional shares on the internet?
There are other issues with Microsoft's networking protocols than just unintentional shares. It leaks potentially lethal information like a sieve. Letting it willy-nilly through your firewalls is an invitation to have compromised hosts on your network. It should be filtered by default, and only un-filtered by request; and that with the understanding that if it even looks like you might be owned, you get cut off until there's an explanation.