Level3 routing issues?

Dave Stewart dbs at dbscom.com
Sun Jan 26 01:32:44 UTC 2003



>If a customer is infected, then the problem is on their end. The fact that
>they don't have throughput is their issue, not that of the provider's.

Many, many customers don't understand this - if they don't have throughput, 
it's the provider's problem and the provider has to fix it.  One of the 
reasons I'm not providing anymore.

>As for collateral damage, proper monitoring of the entire network and early
>warning systems allow engineers to hopefully stop the problem before it goes
>critical. The spool up on this worm was massive and affected some networks
>too fast to prevent them going critical. However, tracking and resolution
>should easily have been within the SLA windows.

I've seen various references to this worm firing off and saturating 
networks worldwide within 1 minute... if *that* isn't scary, I don't know 
what is.  It shows that someone, with the right tools and enough vulnerable 
servers can take out a good portion of the Internet in seconds.  And how 
can we predict *every* possible issue and block it?

>My policy: Hmm, I'm not sure. *ring* Dude, wake up. It's a critical outage.
>The whole network is collapsing. Think! *rambles for 5 minutes* Oh, wait.
>Never mind, I got it. Go back to sleep. Thanks.

I think there's only so much one can do in advance.  Sure, we all know we 
shouldn't have these servers exposed, but again, many are in the position 
of having to leave them open to some extent - case in point, I have a 
developer who uses dialup (because he's in the sticks in northern Georgia, 
and nothing else is available, and he's a skinflint who uses the free or 
nearly-free dialup providers)... he's also not going to use a VPN... he'll 
just bitch because he can't get to the server.

More cases where you do what you have to... a couple of years ago, when I 
*was* doing the provider bit... I blocked the netbios ports on the 
border.  You have no idea what a cry went up from customers... they *want* 
to share drives over the Internet, and didn't care what risks might be 
involved.  It was, to them, too complicated and/or expensive to do it via a 
VPN.

So I ended up having to open them back up, but kept them blocked to my own 
machines.  Sometimes the best you can do is explain the risks, and then let 
the customer do what they will.  Until they're causing problems... of 
course at that point you can cut 'em off (how many of you shut down 
customer boxen last night?).

I'm no great thinker, and having said that, I'm just not sure we can 
protect everything/everybody.
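The border-filter arrangement described above (NetBIOS blocked toward the provider's own machines, left open toward customers who insist on it, and a customer host cut off once it starts causing problems) can be sketched as a small policy evaluator. This is an added illustration, not code from Dave or from NANOG; the address ranges are constructed documentation prefixes, the NetBIOS ports are the well-known 137-139, and the "causing problems" test (a customer host fanning out to many distinct destinations) and its threshold are assumptions chosen for the example.

```python
"""Border filter policy sketch (added example, not from the original post).

Policy modelled:
  * NetBIOS (137-139) is dropped when the destination is one of the
    provider's own machines.
  * NetBIOS toward customer address space is accepted (customers chose
    to share drives over the Internet despite the risk).
  * A customer host that fans out to many distinct destinations is
    quarantined, i.e. everything from it is dropped afterwards.
"""
from collections import defaultdict
from ipaddress import ip_address, ip_network

# Well-known NetBIOS service ports: name (137), datagram (138), session (139).
NETBIOS_PORTS = {137, 138, 139}

# Constructed example prefixes (RFC 5737 documentation ranges, not real assignments).
PROVIDER_OWN = [ip_network("192.0.2.0/24")]      # assumption: provider's own machines
CUSTOMER_NETS = [ip_network("198.51.100.0/24")]  # assumption: customer address space


def in_any(addr, nets):
    """True if addr falls inside any of the given networks."""
    a = ip_address(addr)
    return any(a in n for n in nets)


class BorderPolicy:
    def __init__(self, fanout_threshold=50):
        # assumption: 50 distinct destinations from one customer host counts as "causing problems"
        self.fanout_threshold = fanout_threshold
        self.quarantined = set()
        self.dst_seen = defaultdict(set)

    def observe(self, src, dst, dport):
        """Account a flow from a customer host; quarantine it once it fans out too widely."""
        if in_any(src, CUSTOMER_NETS):
            self.dst_seen[src].add((dst, dport))
            if len(self.dst_seen[src]) >= self.fanout_threshold:
                self.quarantined.add(src)

    def decide(self, src, dst, dport):
        """Return the verdict for a single flow under the modelled policy."""
        if src in self.quarantined:
            return "drop:quarantined"
        if dport in NETBIOS_PORTS and in_any(dst, PROVIDER_OWN):
            return "drop:netbios-to-own"
        return "accept"


def run_demo():
    """Constructed flows exercising each branch; returns the list of verdicts."""
    policy = BorderPolicy()
    verdicts = []
    # Outside host probing NetBIOS on a provider machine: dropped.
    verdicts.append(policy.decide("203.0.113.5", "192.0.2.10", 139))
    # Same host reaching a customer's NetBIOS share: accepted (customer's choice).
    verdicts.append(policy.decide("203.0.113.5", "198.51.100.7", 139))
    # A customer host sweeping 50 distinct hosts on port 139: gets quarantined.
    noisy = "198.51.100.9"
    for i in range(50):
        policy.observe(noisy, f"203.0.113.{i + 1}", 139)
    verdicts.append(policy.decide(noisy, "203.0.113.200", 80))
    return verdicts


if __name__ == "__main__":
    for v in run_demo():
        print(v)
```

The evaluator is deliberately stateless apart from the fan-out counter, which is the one piece of state the "cut 'em off once they cause problems" step needs; in a real border router the first two branches are plain ACL entries and the third is whatever the operator's monitoring feeds back into the filter.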
