On 8/15/05 4:46 PM, "Randy Bush" <[EMAIL PROTECTED]> wrote:
> >>>> I'm not nearly confident enough to decide on behalf of almost >>>> billion other people how they should benefit from the Internet >>>> and how not to. >>> thanks for that! >> Indeed. Also see >> http://www.iab.org/documents/docs/2003-10-18-edge-filters.html > > as i just replied to a private message from an enterprise op, > > o backbone isps can not set their customers' security policy > - some customers want to run billyware shares over the wan > whether we advise it or not > - some of us host security researchers, who have a taste > for 445 and other nasty traffic > While its not uncommon to run SMB/Windows file system drive mounts across private WANs, doing so across the Internet, on a non-encrypted tunnel, is the equivalent of running with scissors. I am unaware of any enterprise security folks foolish enough to allow that. Of course, I may be sheltered. (as an aside - running windows file system mounts across enterprise WANs is so common that there are WAN optimization devices that improve remote disk mount performance via protocol spoofing) - Dan > o enterprise / site ops can set their users' security policies > as that's part of their job and charter > > randy >
