[ NNSquad ] Re: Traffic shaping law proposed in US

NNSquad - Network Neutrality Squad
NNSquad Home Page
NNSquad Mailing List Information

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[ NNSquad ] Re: Traffic shaping law proposed in US

To: Bill S <unixluv@gmail.com>
Subject: [ NNSquad ] Re: Traffic shaping law proposed in US
From: Sean Bradly <rhythmx@gmail.com>
Date: Wed, 19 Mar 2008 11:00:13 -0500
Cc: nnsquad@nnsquad.org

Actually, it's not quite so simple. I have been working in the
Information Security industry for quite some time now. Most external
security assessments involve sending many probes and sometimes real
attacks over the internet.

When a client's ISP blocks an attack, it is generally a good thing. The
hole is closed from any attacker's perspective. However when an
auditor's ISP blocks this traffic, it diminishes their ability to
conduct their service.

Quite a few of these clients will actually take the time to sniff and
hand analyze the attack traffic you send their way. At one point we had
a client that called us out for missing some things. Our ISP had been
blocking parts of our audit traffic for "security reasons." This wasn't
mentioned in our TOS anywhere, we had to find out from an angry customer.

In the end we had to break that contract and move no another ISP. Not to
mention apologize and re-audit some of the customers.

The justification for ISPs automatically filtering for security reasons
is that the users are ignorant. That is obviously a flawed justification
in many situations. In the very least, any filtering done by an ISP
should have the option of being enabled/disabled on a user per user
basis and all filtering policy should be disclosed in detail.

--Sean

Bill S wrote:
>
>
> On Tue, Mar 18, 2008 at 12:22 PM, Brett Glass <nnsquad@brettglass.com
> <mailto:nnsquad@brettglass.com>> wrote:
>
>     At 03:54 PM 3/17/2008, Phil Karn wrote:
>
>     >carriers are banned from any and all discrimination on the basis
>     of traffic
>     >content, including port numbers.
>
>     In other words, we would have to let worms like the infamous "SQL
>     Slammer"
>     worm though. And we'd have to let spambots spam.
>
>     --Brett Glass
>
>
> I doubt anyone here would seriously consider blocking bona fide
> security threats a violation of NN principles.  We don't want spam,
> harvesters, phishing or trojans any more than you do.The problem is
> that with those using typical traffic shaping or port blocking
> techniques, they are casting with too wide a net.  And as a result,
> they catch dolphins, turtles, sharks and all manner of things in
> addition to the intended target.  Let agree on this and move on.
>
> Bill
>
>

References:
- [ NNSquad ] Traffic shaping law proposed in US
  - From: "Frank A. Coluccio" <frank@fttx.org>
- [ NNSquad ] Re: Traffic shaping law proposed in US
  - From: Phil Karn <karn@ka9q.net>
- [ NNSquad ] Re: Traffic shaping law proposed in US
  - From: Brett Glass <nnsquad@brettglass.com>
- [ NNSquad ] Re: Traffic shaping law proposed in US
  - From: "Bill S" <unixluv@gmail.com>

Prev by Date: [ NNSquad ] BT admits using live customer data in Phorm test, faces legal action
Next by Date: [ NNSquad ] Re: Thoughts on DNS Redirection
Previous by thread: [ NNSquad ] Re: Traffic shaping law proposed in US
Next by thread: [ NNSquad ] Legality of Phorm's advertising system
Index(es):
- Date
- Thread