ISPs' willingness to take action
Joe Abley
jabley at isc.org
Mon Oct 27 15:48:16 UTC 2003
On 27 Oct 2003, at 10:25, Sean Donelan wrote:
> Most ISPs are relatively secure. Yes, occasionally a backbone
> router shows up on some list with a password of "cisco." The major
> problems are in the systems managed and installed on non-ISP networks
> (i.e. end-users).
Maybe all the ISPs I've been involved with in the past ten years have
been exceptions, but there are only a small handful of them that I
would elevate to the status of "relatively secure".
> Really? Most users are angry when their network connection is
> interrupted
> for any reason, including their own mistakes.
Every now and then some acquaintance or relative hauls me in my
capacity as unpaid "computer expert", so that I can stare bemusedly at
their windows problem and mutter things like "buy a mac" under my
breath.
My experience every time is that end users are amazingly tolerant of
breakage. The fact that there are popups all over the screen, or that
it takes five minutes to open their mail client, or that machines
freeze up every ten minutes and require a hard boot appear to be simply
accommodated as "that's what computers do".
> As a non-ISP consultant, when a client asks you to configure their
> Exchange server do you always conduct a top-to-bottom security
> analysis of
> the client's entire business infrastructure and refuse to do business
> with
> them until after they have corrected every deficiency? Or does the
> client
> just say screw you, and hires a different consultant that will do what
> the client wants?
When I was a consultant, I was never sufficiently mercenary to ask for
money in return for what I *knew* to be bad advice. I'd far rather they
buy their bad advice elsewhere.
Joe
More information about the NANOG
mailing list