Need ISP!!!

Craig White craigwhite@azapple.com
Thu, 15 Mar 2001 00:19:06 -0700


> -----Original Message-----
> From: plug-discuss-admin@lists.plug.phoenix.az.us
> [mailto:plug-discuss-admin@lists.plug.phoenix.az.us]On Behalf Of
> der.hans
> Sent: Wednesday, March 14, 2001 11:59 PM
> To: plug-discuss@lists.plug.phoenix.az.us
> Subject: Re: Need ISP!!!
>
>
> Am 13. Mar, 2001 schwäzte David A. Sinck so:
>
> > Well, see, thereby hangs a tail....providers *should* squash the non
> > routeable addresses before sending them on.  If you get this traffic
> > on your inbound ethX card, you know someone is up to no good and your
> > ISP is likely to suffer evil RSN.  It's been a bit since I've seen a
> > report of this, but they are there.
>
> I would think that non-routable stuff isn't routable :). I would also
> think that broadcast stuff would get squashed at every organizational
> border.
>
> That's what http://www.sans.org/dosstep/index.htm suggests. That's also
> what the router people I know suggest.
>
> OTOH, I brought broadcast packets up on SAGE [1] recently and it was
> mentioned that customers go after their providers if blocking is done. It
> was mentioned that there are many threads about this on the NANOG [2]
> mailing list, including a recent piece about a provider being sued because
> they weren't allowing broadcast m$ traffic. Appears the suers had offices
> in different geographical locations and were using NETBIOS over IP
> broadcast to connect via "network neighborhood". Personally, I say toss
> 'em off the network for gross stupidity.
>
-----
I've always felt that gross stupity is it's own reward (punishment).

The problem is wasted bandwidth because broadcasts - by their very nature -
are wide ranging and should be minimized. I wonder how well the @home
network would perform if they assigned static IP's instead of asking
everyone to use DHCP.

SMB traffic on the public internet is a gross violation of bandwidth and
should always be contained in VPN tunnels if remote networking is the goal.
It is actually scary how many TCP packets of port 137, 138 & 139 are
bouncing around and many providers don't quash them. I consider them to be a
marketing opportunity to sell a firewall, but I don't have the time.

Craig