On Mon, 15 Aug 2005, Daniel Golding wrote:
> > > On 8/15/05 4:46 PM, "Randy Bush" <[EMAIL PROTECTED]> wrote: > > > > >>>> I'm not nearly confident enough to decide on behalf of almost > >>>> billion other people how they should benefit from the Internet > >>>> and how not to. > >>> thanks for that! > >> Indeed. Also see > >> http://www.iab.org/documents/docs/2003-10-18-edge-filters.html > > > > as i just replied to a private message from an enterprise op, > > > > o backbone isps can not set their customers' security policy > > - some customers want to run billyware shares over the wan > > whether we advise it or not > > - some of us host security researchers, who have a taste > > for 445 and other nasty traffic > > > > While its not uncommon to run SMB/Windows file system drive mounts across > private WANs, doing so across the Internet, on a non-encrypted tunnel, is > the equivalent of running with scissors. no one was arguing that... just like no one argues that riding a motorcycle sans-helmet is stupid (or playing hockey without a helmet) > > I am unaware of any enterprise security folks foolish enough to allow that. > Of course, I may be sheltered. 'enterprise security folks' are probably not the issue... The fact remains that lots of folks DO do this :( There are quite a few folks between 'consumer' and 'enterprise' that do all manner of dumb things on the Internet (where 'dumb' is equivalent to running smb shares across the public network minus encryption/ipsec). It's their choice to do that, and their network providers are expected/demanded to pass those packets for them. -Chris
