Re: ISP Filtering (Survey of Sorts)

["Kath" <kath () kathweb net>]

A lot of cable companies have a "good neighbor policy" which blocks ports
137:139 across their network to prevent idiots who have file and print
sharing enabled to be exploited easily through Network Neighborhood etc.

I work at a DSL company and when I go in tomorrow I'll ask one of the head
techs if we filter 137:139 or any ports at all.

- Kath

----- Original Message -----
From: "McCammon, Keith" <Keith.McCammon () eadvancemed com>
To: <incidents () securityfocus com>
Sent: Thursday, May 31, 2001 1:09 PM
Subject: ISP Filtering (Survey of Sorts)


> A few questions:
>
> 1) Does anyone know of a list of known security-conscious ISP's (for
larger
> corporate circuits) that are known for providing basic security services
> (ingress/egress filters, RFC1918's, and client-specific filter requests)
to
> customers without hassle.
>
> 2) Does anyone else have an ISP that, by policy, will not filter upstream?
> I've got Verizon, and I've been having some infrequent correspondence with
> them regarding filtering and it has been denied all the way up the chain.
> I'm getting kind of tired of seeing thousands of matches on my
access-lists
> against RFC1918 rules and such that I would assume should be filtered by
any
> semi-responsible ISP.
>
> Just curious if there are greener pastures...
>
> Thanks,
>
> Keith W. McCammon
> Sr. Network Engineer
> AdvanceMed Corporation
> 11710 Plaza America Drive
> Reston, VA 20190
> Phone: 703.261.4891
> Fax: 703.261.5300