Whats so bad about decent secure defaults?
I don't consider a configuration that disenfranchises part of the internet as "decent [...] defaults." :)
The big problem that we're experiencing here is that the big telco ISP's, network providers and managed service providers that should have something better than a 'network monkey' running their routers are having BOGON filtering problems. We diagnosed a problem getting to east cost government sites and in working with SAVVIS, we corrected problems in a matter of hours. This has been the only positive progress we've made in unblackholing out network segment. We're going on day number 4 trying to get SBC to fix 'managed' local government routers. To tell you the truth, the little leaf nodes that have a corporation without world-accessible resources behind their router are unconsequential to us -- let them filter on old BOGON lists -- our customers need to be able to get to the resources that are behind the huge networks that are maintained by companies much larger than ours that are running out of date filters. Why more people don't use resources like what Cymru offer is beyond me... James Laszko Pipeline Communications, Inc. james@pcipros.com