I've always been kind of conflicted with this issue. I mean, providers blocking traffic at all. On the one hand, I'm a corporate customer, and if I'm being DOSed or infected, I would want to be able to call my ISP and have it blocked. On the other hand, I truly feel that I pay my ISPs to pass traffic, not block it. I guess it only bugs me when something is blocked and I didn't even ask for it to be blocked...and then other stupid things are seeping through, but are not blocked even when I ask!

If ISPs really wanted to make the Internet better for Corporate America, I guess they'd unplug most of Asia...not block a port here and there (but that isn't exactly acceptable).

Anyways, like I said, I'm conflicted...I change my mind every now and then because both arguments make logical sense.

- Erik

-----Original Message-----
From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu] On Behalf Of Gadi Evron
Sent: Tuesday, August 16, 2005 12:58 AM
To: Christopher L. Morrow
Cc: nanog@merit.edu
Subject: Re: zotob - blocking tcp/445

[snip arguments]
Do not become the internet firewall for your large customer base... it's bad.
Okay, so please allow me to alter the argument a bit.

Say we agreed on:
1. Security is THEIR (customers') problems, not yours.
2. You are not the Internet's firewall.

That would mean you would still care about:
1. You being able to provide service.
2. Your own network being secure (?)

In a big outbreak, not for the WHOLE Internet, I'd use whatever I can. It can easily become an issue of my network staying alive. Blocking that one port then might be a viable solution to get a handle on things and calm things down.

Naturally though you are right again, it is a case-by-case issue and can not be discussed in generalities.

Gadi.