--- frnkblk@iname.com wrote: --------------------
We have a two-dozen line long ACL applied to our CMTS and BRAS blocking
Windows and "virus" ports and have never had a complaint or a problem. We
do have a more sophisticated residential or large-biz customers ask, but
I'd like to ask the same question of you that I just did to Chris. How'd you implement that or has it been there since the network was new?
I would suggest a good resource is the MAAWG papers, and even though
you are stretched thin, consider attending a MAAWG meeting. MAAWG has
a lot of members that have already experienced the same situatations
as you, and may be able to help.
http://www.maawg.org/about/publishedDocuments
Obviously, I'm biased, but I like how SBC handled it 
Not that it was
a problem free implementation.
Those ACLs were added when I came on board. Again, only one complaint in 3+
years.
And customers wonder why I shudder when they tell me that they plug in their
Win9x computers directly into their cable modem. I can't imagine how much
worse it would be if I didn't block the SMB ports.
Frank