[32368] in North American Network Operators' Group
RE: ISPs as content-police or method-police
daemon@ATHENA.MIT.EDU (Roeland Meyer)
Mon Nov 20 12:46:41 2000
Message-ID: <47FE39302BF73B4C93BC84B87341282C1F14@condor.lvrmr.mhsc.com>
From: Roeland Meyer <rmeyer@mhsc.com>
To: 'Ben Browning' <benb@oz.net>, nanog@merit.edu
Date: Mon, 20 Nov 2000 09:42:54 -0800
MIME-Version: 1.0
Content-Type: text/plain;
charset="iso-8859-1"
Errors-To: owner-nanog-outgoing@merit.edu
> From: Ben Browning [mailto:benb@oz.net]
> Sent: Monday, November 20, 2000 9:17 AM
> The point is this: 137-139 are used for NetBIOS and Samba,
> neither of which
> are secure (or even supported by their vendors, AFAIK) for
> use out on the
> Internet. I think we can all agree that anyone using them in that
> situation, shouldn't be.
No, we cannot all agree to that. I cannot condone anyone else applying their
ideology, by force or default, on someone else, unless specifically
requested. As a downstream customer, the backbone is nearly unreachable from
a services perspective. If CERFNET started to do port-filtering then the
only means I (I assume that everyone here has sufficient clue to find my
upstream) have to change that is to either sue CERFNET or start looking for
an ISP that has a different backbone provider. CERFNET tech support will not
even talk to second or third level customers. In essence, it eliminates the
secondary re-seller market from contention. You risk getting sued, not only
from the downstream customer, but your own downstream as well.
The ONLY one that should be even dreaming about doing something like this is
the direct upstream to the leaf nodes, and then ONLY with permission.
Otherwise, no ports should ever be filtered by any transit provider.
By God, we PAY for open pipes and there are standard remedies when we don't
get what we pay for.
