[69761] in North American Network Operators' Group

home help back first fref pref prev next nref lref last post

Re: Microsoft XP SP2 (was Re: Lazy network operators - NOT)

daemon@ATHENA.MIT.EDU (Paul Vixie)
Mon Apr 19 18:17:46 2004

To: nanog@merit.edu
From: Paul Vixie <vixie@vix.com>
Date: 19 Apr 2004 22:16:58 +0000
In-Reply-To: <web-24405740@wyoming.com>
Errors-To: owner-nanog-outgoing@merit.edu


> > Should ISPs start requiring their users to install Windows XP SP2?

nope.  especially since, according to bill gates, linux would have the
same reputation if it was a popular a platform (and therefore a target
of more virii.)  now, you could go further, and say "if you emit streams
of wierd(*) looking traffic we'll shut your line down and wait for you to
call us and give us an explaination" but then you're just going to be
on the phone all the time and that's no good for anybody -- especially
since cleanup costs are high, and reinfection "costs" are low, and phone
time is really expensive.  so why not just disallow all that bad junk
all the time, instead of waiting for it to be seen in flight?

[(*) "wierd" could mean streams of tcp/syn or tcp/rst, or forged source
 addresses, or streams of unanswered udp, or streams of ourbound tcp/25,
 or udp/137..139, or who knows what it'll be by this time next month?]

> Let's face it -- this shouldn't have to be the ISP's problem. 

you're right, and it won't be for very much longer.  access isp's cannot
take responsibility for the health of their customers' computers, they
just need to work harder to ensure that access is all they provide, and
that servers don't work, udp/137..139 doesn't work, and outbound e-mail
is via tunnel or proxy.  since access isp's aren't able to do even that
much (for fear of their customers wraith, or due to lack of technology
inside the headend, or whatever), it's going to get done by the dreaded
giant merciless monster known as "market forces".
-- 
Paul Vixie

home help back first fref pref prev next nref lref last post