[32406] in North American Network Operators' Group
RE: ISPs as content-police or method-police
daemon@ATHENA.MIT.EDU (Roeland Meyer)
Tue Nov 21 10:42:25 2000
Message-ID: <47FE39302BF73B4C93BC84B87341282C1F25@condor.lvrmr.mhsc.com>
From: Roeland Meyer <rmeyer@mhsc.com>
To: 'Jason Slagle' <raistlin@tacorp.net>,
Roeland Meyer <rmeyer@mhsc.com>
Cc: 'Shawn McMahon' <smcmahon@eiv.com>, nanog@merit.edu
Date: Tue, 21 Nov 2000 07:37:16 -0800
MIME-Version: 1.0
Content-Type: text/plain;
charset="iso-8859-1"
Errors-To: owner-nanog-outgoing@merit.edu
> From: Jason Slagle [mailto:raistlin@tacorp.net]
> Sent: Tuesday, November 21, 2000 5:53 AM
>
> You basically have 3 choices here.
>
> 1) Filter known trojan ports to your customers (Which
> argueably may or may
> not include port 139)
>
> 2) Routinely scan your customer blocks and inform them of trojans they
> could be infected with, and any open shares.
>
> 3) Do nothing and deal with the possible fallout which may
> include turning
> down the customers port, if they get compromised.
>
> Which do YOU view as the lesser of the evils here.
>
> Your arguing 1 isn't doable. 2 is possibly a no go, depending on the
> contract and customer also, and 3 isn't very good either.
There is a fourth that I'm surprised that only one or two of you picked up
on (private mail).
4) Offer port filtering as an added premium service that adds to your
revenue stream. That way it is customer choice. However, this only applies
to access providers. Backbone providers don't have this option.
