[21683] in North American Network Operators' Group
Re: Exodus Customer Security
daemon@ATHENA.MIT.EDU (Bret McDanel)
Wed Nov 18 12:48:47 1998
Date: Wed, 18 Nov 1998 10:19:29 -0500
From: Bret McDanel <bret@rehost.com>
To: rirving@onecall.net
Cc: nanog@merit.edu
Reply-To: bret@rehost.com
In-Reply-To: <3652CB51.795A196@onecall.net>
---Reply on mail from Richard Irving about Exodus Customer Security
> Ask yourself this:
> Can you (as an NSP) guarantee me
> that *none* of your boxes,
> or *customer* boxes, have been infected ?
>
That was sorta my point, I mean you can take the approach that sprint
did.. They gave an isp FULL information on a customer, name, address,
telephone number, simply becuase that customer claimed that bad things
were comming from that dialup customer (logging into a shell server from
sprint instead of from the isps dialups itself)..
If you make a policy where you dont give out customer information, when do
you break that policy? After 2 complaints? 5? Whatever the number,
there is always someone out there who can and will abuse that, for
whatever reason..
--
Bret McDanel http://www.rehost.com
Realistic Technologies, Inc. 973-514-1144
These opinions are mine, and may not be the same as my employer
