From: Richard A Steenbergen (no email)
Date: Mon Aug 05 2002 - 11:18:31 EDT
On Sun, Aug 04, 2002 at 09:15:26PM -0700, Stephen Stuart wrote:
>
> > IMO, Commercial ISPs should never filter customer packets unless
> > specifically requested to do so by the customer, or in response to a
> > security/abuse incident.
>
> Let's say the customer operates some big enterprise network, runs
> their infrastructure in RFC1918 space ("for security," hah), and spews
> a couple kilobits of DNS query from that RFC1918 space toward the root
> nameservers. Assume that either pride or ignorance will prevent the
> customer from ever asking you to filter what you know to be garbage
> traffic. Does your rule to "never filter customer packets" mean you're
> going to sit and watch those packets go by?
>
> If yes, why?

One would hope that, unless there is a complaint, you wouldn't be invading
their privacy to look at their traffic in the first place.

If a root server operator complained about it, I'd say that's reasonable
grounds to filter it and contact the customer, the same as if they had a
compromised box spewing out DoS.

Filtering piddly stuff like this without consultation is usually unwelcome
at best, and a disruption at worst. It is also a serious investment of
time and acl resources which could be better spent somewhere else. And
lastly, it sets a bad precedent for what ISPs "can" do to proactively
filter. After all, if we "can" do this, why can't we also filter illegal
MP3 exchanges too?

--
Richard A Steenbergen http://www.e-gerbil.net/ras
PGP Key ID: 0x138EA177 (67 29 D7 BC E8 18 3E DA B2 46 B3 D8 14 36 FE B6)