On Thu, 20 Jan 2005, James Laszko wrote:
> > > > Whats so bad about decent secure defaults? > > > I don't consider a configuration that disenfranchises part of the > > internet as "decent [...] defaults." :) > > The big problem that we're experiencing here is that the big telco > ISP's, network providers and managed service providers that should have > something better than a 'network monkey' running their routers are > having BOGON filtering problems. > > We diagnosed a problem getting to east cost government sites and in > working with SAVVIS, we corrected problems in a matter of hours. This > has been the only positive progress we've made in unblackholing out > network segment. We're going on day number 4 trying to get SBC to fix > 'managed' local government routers. you do understand that for SBC (or anyone who manages customer devices) to make a change: 1) the customer has to be notified of the change and given a reason for the change 2) the customer has to agree to the change (presumably they also have to actually be contacted.... a task of it's own at times) 3) the change has to be scheduled into a maint window 4) the procedures and maintenance changes probably have to be checked over with the 'network monkey' (as you put it) and customer 5) change happens, for 1 customer... Wash, rinse, repeat for the other 70,000 routers you manage for customers... This is definitely NOT a half-rack in a colo fix. Just contacting the customers is a feat. -Chris