RE: ISPs as content-police or method-police

["Christian Kuhtz" <ck () arch bellsouth net>]

> On Mon, 20 Nov 2000 09:21:10 MST, Ehud Gavron said:
> > It is clear (to me) that customers who get a connection
> > to the net do NOT want that connection limited nor
> > censored.
>
> Unfortunately, it's NOT clear that this is the case.  The average customer
> just THINKS they want something.  The question of whether it's something
> actually reasonable to do is a different issue....

What doesn't make sense in that argument is why you couldn't just simply
upsell the customer to a managed fw solution etc if that's the concern.
Educate them, and let them decide based on the education they received.

> Remember - the *reason* this is a point worth discussing at *ALL* is because
> such a large percentage of customers don't have a CLUE - if (for instance)
> 98% of the shops had enough clue to close down open shares, we'd
> not be seeing
> so many scans for them.

Well, again, I don't believe in 'censoring' traffic by default.  I do believe
in offering options for those people who decide to do so and can't/don't want
to do it themselves.

> I suspect that if a large percentage of Tier 1/2 carriers actually filtered
> ports 137 through 139, we'd not be seeing anywhere near the amount
> of QAZ and
> similar activity.

I wouldn't be so sure, particularly because of the legal exposure...

> And as has been pointed out, you can ALWAYS punch a hole
> in the filter for customers who like to live risky, or they can find other
> ways to tunnel their packets.

At SP scale?  Think again.

Cheers,
Chris

--
Christian Kuhtz <ck () arch bellsouth net> -wk, <ck () gnu org> -hm
Sr. Architect, Engineering & Architecture, BellSouth.net, Atlanta, GA, U.S.
"I speak for myself only."