[64274] in North American Network Operators' Group
Re: IAB concerns against permanent deployment of edge-based filtering
daemon@ATHENA.MIT.EDU (bmanning@karoshi.com)
Sat Oct 18 14:15:22 2003
From: bmanning@karoshi.com
To: eric@roxanne.org (Eric Gauthier)
Date: Sat, 18 Oct 2003 11:14:42 -0700 (PDT)
Cc: nanog@nanog.org
In-Reply-To: <20031018122621.B29105@roxanne.org> from "Eric Gauthier" at Oct 18, 2003 12:26:21 PM
Errors-To: owner-nanog-outgoing@merit.edu
> > I think the IAB has a legitimate point.
> >
perhaps. but last I checked, it was the Internet Architecture Board
not the Internet Operations Board. So form an architectural purity
perspective, sure, don't filter (and by extention, pull out firewalls
and NATS.... :)
> > There is a real danger that long-term continued blocking will lead
> > to "everything on one port"
fair amount of handwaving there.
prudent/paranoid folk over the years have persuaded me that
it makes the best sense to only run those applications/services
that I need to and shut off everything else - until/unless there
is a demonstrated need for it.
--bill
