On Mon, Nov 20, 2000 at 04:12:19AM -0800, Mathew Butler wrote:
Ah, but here's the rub: Is there anything, from a business standpoint (read: contracts), that says that you have the right, much less the obligation, to make 'security' decisions for the customer? If not, you're opening your company up to massive lawsuits.
Let me get this straight; you think that instead of shooting you an email asking that the port be opened, your customer is going to call in the lawyers and file suit? WTF are your customers?
It's a -very- touchy subject -- but I, as a customer, want exclusive right to make filtering decisions over what goes from my network to the peering point, where the other backbone providers can choose their own policy. The reason for this is so that, if necessary, I can run any protocol I have a need to run over all circuits that I have that are connected to the same ISP.
Well, tough. We all filter various things, whether that be RFC 1918 addresses, NetBIOS, or Other. There's not a thing wrong with filtering by default, and removing if the customer asks, and since I did it for years without getting sued I reject your entire argument that the latter is what will occur.
Or are you thinking that the only clueful people in the network world exist at the NSPs?
No, I'm thinking 99% of them exist at the NSPs. My experience has so far borne this out. Then again, I've been no higher than Tier 3, so WTF do I know? :-)