nanog mailing list archives

Re: NSPs filter?


From: Richard A Steenbergen <ras () e-gerbil net>
Date: Mon, 5 Aug 2002 11:18:31 -0400


On Sun, Aug 04, 2002 at 09:15:26PM -0700, Stephen Stuart wrote:

> > IMO, Commercial ISPs should never filter customer packets unless
> > specifically requested to do so by the customer, or in response to a
> > security/abuse incident.
>
> Let's say the customer operates some big enterprise network, runs
> their infrastructure in RFC1918 space ("for security," hah), and spews
> a couple kilobits of DNS query from that RFC1918 space toward the root
> nameservers. Assume that either pride or ignorance will prevent the
> customer from ever asking you to filter what you know to be garbage
> traffic. Does your rule to "never filter customer packets" mean you're
> going to sit and watch those packets go by?
>
> If yes, why?

One would hope that, unless there is a complaint, you wouldn't be invading
their privacy to look at their traffic in the first place.

If a root server operator complained about it, I'd say that's reasonable
grounds to filter it and contact the customer, the same as if they had a
compromised box spewing out DoS.

Filtering piddly stuff like this without consultation is usually unwelcome
at best, and a disruption at worst. It is also a serious investment of
time and ACL resources which could be better spent somewhere else. And
lastly, it sets a bad precedent for what ISPs "can" do to proactively
filter. After all, if we "can" do this, why can't we also filter illegal
MP3 exchanges too?

-- 
Richard A Steenbergen <ras () e-gerbil net>       http://www.e-gerbil.net/ras
PGP Key ID: 0x138EA177  (67 29 D7 BC E8 18 3E DA  B2 46 B3 D8 14 36 FE B6)

