prudent/paranoid folk over the years have persuaded me that it makes the best sense to only run those applications/services that I need to and shut off everything else - until/unless there is a demonstrated need for it.
very true for a host, even somewhat true for a site. very untrue for a backbone.
randy
there appears to be a disconnect in the wording of the IAB document: it starts: ---- IAB concerns against permanent deployment of edge-based filtering The IAB notes that there ISPs/ASes undertaking permanent deployment of edge-based protocol number/port number packet filtering on traffic received from eBGP peers. ---- it can be viewed from the perspective of a transit provider looking toward its edges, the clients. it can be viewed from the perspective of a multihomed client looking toward its edges, the transit providers. which one you take depends on where you start... :) then there is the idea of "permanent" deployment ... little is permanent in networking. the hard problem is when vendors put filters in silicon. :( --bill