[102990] in North American Network Operators' Group
RE: Customer-facing ACLs
daemon@ATHENA.MIT.EDU (Frank Bulk - iNAME)
Tue Mar 11 23:11:58 2008
Reply-To: <frnkblk@iname.com>
From: "Frank Bulk - iNAME" <frnkblk@iname.com>
To: <surfer@mauigateway.com>, <nanog@merit.edu>
In-Reply-To: <20080311193456.A0BA5051@resin11.mta.everyone.net>
Date: Tue, 11 Mar 2008 21:57:25 -0500
Errors-To: owner-nanog@merit.edu
Those ACLs were added when I came on board. Again, only one complaint in 3+
years.
And customers wonder why I shudder when they tell me that they plug in their
Win9x computers directly into their cable modem. I can't imagine how much
worse it would be if I didn't block the SMB ports.
Frank
-----Original Message-----
From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu] On Behalf Of
Scott Weeks
Sent: Tuesday, March 11, 2008 9:35 PM
To: nanog@merit.edu
Subject: RE: Customer-facing ACLs
--- frnkblk@iname.com wrote: --------------------
We have a two-dozen line long ACL applied to our CMTS and BRAS blocking
Windows and "virus" ports and have never had a complaint or a problem. We
do have a more sophisticated residential or large-biz customers ask, but
----------------------------------------
I'd like to ask the same question of you that I just did to Chris. How'd
you implement that or has it been there since the network was new?
scott
