nanog mailing list archives

RE: What do you want your ISP to block today?
From: Owen DeLong <owen () delong com>
Date: Sun, 31 Aug 2003 00:11:26 -0700


    Frankly I don't want any of my ISPs filtering any of my traffic.  I
    think we need (especially enterprise administrators like myself) to take
    some responsibility, and place our own filters.

That's a popular sentiment which derives its facade of reasonableness
from the notion that ISPs ought to provide unencumbered pipes to the
Internet core.  However, it doesn't bear close scrutiny.

I disagree.

Would you say that ISPs should not filter spoofed source addresses?

It depends. If a spoofed source address can be determined with 100% reliability
then, generally, yes.  However, an ISP generally would only be able to
reliably make this determination on some of their own customers' links.
As such, that's not my traffic unless I'm already violating an AUP or one
of said ISP's other customers is violating the ISP's AUP.  Of course an
ISP has the right to block traffic which is in clear violation of the ISP's
AUP from the ISP's customers who presumably signed the AUP as a condition
of their service agreement.

That they should turn off "no ip directed broadcast"?  Of course not,

I cannot think of a single situation in which the ISP's configuration of
no ip directed broadcast would affect my traffic unless I was sending
traffic _TO_ the broadcast of some network within the ISP's backbone.
As such, I would, again, figure that falls into the AUP violation category
above.

because such traffic is clearly pathological with no redeeming social
value.

No.  Because such traffic is clearly in violation of the AUP I signed
as a customer and for no other reason.  My ISP has the right to block my
traffic in any case where I am in violation of the AUP.  He has a similar
right with any of his/her other customers.  Outside of that, no, an ISP
should not, generally, block traffic.

The tough part for the ISP is to decide what other traffic types are
absolutely illegitimate and should therefore be subject to being
Verboten on the net.

Again, this is a very slippery slope and relies on the fallacy that traffic
must have some socially redeeming value in order to be routed.  In my eyes,
what traffic has value may be radically different from your opinion.
Allowing opinion to enter into rulesets is not, generally, a good plan.

Owen

