Level3 routing issues?

Mailman List Mirror (Read Only)
1

Not sure you can claim something you have for free is liable or with
guarantee

Thats total rubbish. Whether you pay for it or not shouldn't matter.
You might also want to consider reading the various software agreement
licenses that come with various pieces of software both free and non-free.

True altho it does appear to affect MS more so than it ought to even considering
their market lead.

What evidence do you have here? If I count the number of DDOS attacks
from insecure Linux boxes that we've seen in the last year, I'd say that its
on par.

I expect my purchases to live up to their sales description

Yes, thats bad.. people should be more clueful than they are, I blame folks
being cheap, having staff who are clueless, low quality equipment, this is the
market we're in.

Do you actually use MS SQL? From what you've posted I'd say not. Have
you had a network outage that your customers have had to suffer?

You are blaming yourself in the last statement as its upto operators to
make sure customers get the message about securing their network.
I've been whining at router manufacturers about alot of their
default options for years. Last week I whined at Cisco to put a
huge sticker on every CPE router they sell warning about Network
Security and Day to Day administration. How much of this to you
talk to your own customers about? Or do you just take the money?
I don't know of an industry where costs aren't always being lowered.

Regards,
Neil.

2

> True altho it does appear to affect MS more so than it ought to even considering
> their market lead.

What evidence do you have here? If I count the number of DDOS attacks
from insecure Linux boxes that we've seen in the last year, I'd say that its
on par.

I think you are on the right lines below in suggesting that products and
services should be supplied safe and not require additional maintenance out of
the box to make them so (additional changes should make them weaker)

> I expect my purchases to live up to their sales description

> Yes, thats bad.. people should be more clueful than they are, I blame folks
> being cheap, having staff who are clueless, low quality equipment, this is the
> market we're in.

Do you actually use MS SQL? From what you've posted I'd say not. Have
you had a network outage that your customers have had to suffer?

I've not had an outage no, but some of my customers have maxed their own
connections to me. Why?

You are blaming yourself in the last statement as its upto operators to
make sure customers get the message about securing their network.
I've been whining at router manufacturers about alot of their
default options for years. Last week I whined at Cisco to put a
huge sticker on every CPE router they sell warning about Network
Security and Day to Day administration. How much of this to you
talk to your own customers about? Or do you just take the money?

This is a little specific on me rather than "in general".. however I always
advise folks of what I think are best practices and try to educate them and if
anything I give far to much for free when I should be charging, that I tend to
keep my customers over time and keep the good relations suggests that they like
the attention I give them.

My involvement in discussion forums and the organisations I'm in is about a 2
way process of being educated and educating others so yes I'm talking to my
customers about this!

I don't know of an industry where costs aren't always being lowered.

I dont know of one where prices are below cost values such that players of all
sizes regularly go bankrupt and services are squeezed harder and harder.

Steve

3

"secure by default" is a wonderful goal that has, to date, failed to reach
very many vendors, either commercial or otherwise. As the number of hosts
connected to the Net continues to rise, and as broadband continues to spread,
we can expect to see the damage caused by insecure software grow. When the
damage reaches a certain critical mass (whatever that may be; I thought we'd
have reached it already), those who are coughing up millions of dollars (if
not now, that figure will certainly be realistic very soon) to deal with the
effects of insecure software will eventually stop accepting this as merely
"the way things are". At that point, the lawyers will get involved, and there
will be a change in the way software liability is viewed, and a resulting
change in the focus from vendors (commercial ones, anyway).