Re: Some Kudos for Dell
- From: "Kevin Childers" <wildthing123@xxxxxxxxxxx>
- Date: Fri, 19 Aug 2005 13:48:36 -0500
"Leythos" <void@xxxxxxxxxxx> wrote in message
news:MPG.1d6876406d1ef8c8989ba6@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
> In article <GZsLe.45379$vb3.11294@xxxxxxxx>, wildthing123@xxxxxxxxxxx
> says...
> > "Leythos" <void@xxxxxxxxxxx> wrote in message
> [snip]
> > > It does not involve "home networking" any more than their routers do
> > > now. In fact, some of the Cable and DSL modems are set up to provide a
> > > 192.168.x.y address by default in some locations I've been in. We just
> > > set up a SBC DSL connection for one small company where their SBC DSL
> > > router provided a 192.168.1.2 address to our hardware. Since we wanted
> > > to provide remote support we had to get SBC to allow us to use Bridge
> > > mode in order to get a public IP so that we could manage the NAT on our
> > > device.
> >
> > You, for a small company? What about John Doe, computer user sitting
> > at home with one or more PCs trying to set up on any connection? He
> > expects his ISP to support whatever hardware he has, but can he also expect
> > them to provide, install, configure and support additional hardware to
> > protect him? Also are these fixed addresses or dynamic?
>
> Duh, a home user with 253 computers would be delighted to have DHCP
> provide the basic NAT functions without him having to purchase any
> third-party appliance. Not to mention the additional security benefit at
> no cost to the user or the ISP.
>
> The LAN side would be DHCP, the WAN side doesn't matter as most people
> get a DHCP address anyway - reservations could do the static IP if
> requested.
>
> >
> > > > Additionally there comes the question of liability. Surprisingly this is what
> > > > keeps many smaller service providers out of the antivirus/antispam venue.
> > > > Ideally each end user machine should have its own anti-virus protection as
> > > > well as the network servers and the network itself. In the USA the legal
> > > > climate is such that were said services provided by the ISP and they were to
> > > > fail in some way the potential for a lawsuit is quite high. We made a tidy
> > > > profit helping to keep them clean. Add to this the total disregard of any
> > > > possible virus/malware threat by many P2P users, it just becomes
> > > > overwhelming.
> > >
> > > Many ISP's already provide free AV software and even Free Spyware
> > > detection/removal software - it's not an issue of Liability as it's
> > > perfectly clear that the ISP is not liable, the AV/ASW vendor could be,
> > > but the ISP is just providing a free service without any responsibility.
> >
> > A matter of scale, the biggies can afford bulk licenses, but the little
> > guys are still out there. During my time as a tech at one small ISP, the
> > question came up about providing at cost Antivirus software. The only
> > problem was that the cost quoted by NAV & McA was close to retail and they
> > required that we provide hosting for the downloads. Not cost effective to
> > our operation nor the customer.
>
> I think you misunderstand, the large ISP's don't license anything, they
> provide the "Free" version and the AV vendor hopes the exposure leads to
> full product sales - it's a win/win for the ISP/AV Vendor.
>
> >
> > > > Not to mention that there are a number of commercial apps, and not all
> > > > are in true legacy status, that do not work and play well with antivirus
> > > > programs. I know of several companies we supported that required their
> > > > agents/representatives to use said apps.
> > >
> > > And there will always be issues with some users' systems, but, NAT would
> > > not be one of the problems with a system, only with communications, NAT
> > > is implemented outside of their home network (at the ISP's router), and
> > > if they choose to not use free AV software they can, the ISP should
> > > still provide / encourage its use.
> >
> > But connections need to be robustly dynamic and support a plethora of
> > technologies. Cost of management becomes an issue. There is also an issue
> > of replacing hardware.
>
> BS, the ISP's modems almost all support NAT, and that doesn't change
> anything or cause any increase in MTBF.
>
> >
> > > > The filtering of Email becomes another nightmare due to the sheer volume
> > > > of spam on top of viruses that an ISP must sift through. Then there is the
> > > > risk of a false positive that delays or dumps some vital business
> > > > correspondence. The only way we were able to implement anti-spam and
> > > > antivirus on our Email servers was to first get a blanket best efforts, etc.
> > > > waiver from the end users or the domain owner and then add a small charge to
> > > > cover the additional resources required.
> > >
> > > Actually, we fight with this all the time. Since we set up our customers'
> > > email systems we have/do find means to combat spam/attachments, and
> > > we're more aggressive than an ISP would be, but many ISP's also take the
> > > path of moving the email to another location and sending the user a link
> > > to a site where they can review it before downloading it. If ISP's
> > > filtered attachments based on file extension alone, it would block 90%
> > > of that crap - don't let .EXE through (yet, still let .EX_ through as
> > > .EX_ won't autorun on anyone's machine), same with .SCR, .PIF, etc...
> > > This would not keep anyone from sending a .EXE to anyone, but it would,
> > > by renaming it, keep anyone from accidentally executing it.
> >
> > A good plan, but not very functional in the real world due to the
> > diversity of interest one has to support. Believe it or not some people do
> > send legitimate attachments with those file extensions. You also mention
> > customers' Email systems. Yes we did that, but the issue is with John Smith
> > Internet user, not corporate clients. With a corporate system you can
> > execute a much tighter control scheme.
>
> No, some people don't send legitimate attachments with those extensions,
> they are stupid if they do. Anyone with any common sense will rename the
> file, will zip it, will change it as any quality email scanner will
> remove it. I've seen stupid support companies send DLL's and EXE files
> to clients, and they are always rejected, the same should be expected to
> anyone - any quality shop will not send executable files to anyone, only
> an idiot does that.
>
> > One of the best and actually least expensive set-ups we implemented for
> > a customer on a budget was a series of old servers (zero hardware cost) they
> > already owned set up in three layers to handle their Email. Layer one was
> > antispam and consisted of two servers running FreeBSD and Postfix, software
> > cost zero. The second layer had two servers running Linux and a modified
> > antivirus application that utilized NAV to scan all in inbound Email and
> > attachments, this included compressed files, software cost about $600.00.
> > The third layer was the actual mail server running NT and Imail software
> > cost $12,000 at the time (approx).
>
> But NAT and Proper AV + Email scanning costs nothing for most ISP and
> clients.
>
> > But again this is not a viable option on a public Email server.
> >
> > > > So when you add the human, technical, and financial barriers most ISPs
> > > > simply can't afford it. As a minimum we and most other ISPs I know of
> > > > did/do provide a rather extensive section on the company web site warning
> > > > about the potential threats that exist on the web as well as best practice
> > > > to protect networks and end users. The monthly hit count on those pages
> > > > though was never very high.
> > >
> > > A passive warning means nothing - I bet less than 20% of an ISP's users
> > > actually even know about the warning on their sites. As for the count,
> > > if it's part of the IE startup page, then it's only getting hits because
> > > the users open IE, not because they read what's there.
> >
> > Active warnings don't seem to have much effect either. We produced a
> > monthly newsletter to our users and even with large red flashing letters
> > announcing a new threat and linked to the very item on the threats pages did
> > not do much to increase customer awareness. Though there would always be a
> > small bump in customer calls to tech support wanting help to deal with the
> > problem. People seem to want a tech support guided tutorial on fixing the
> > problem rather than taking a few minutes to read. All that being said maybe
> > there are just more ethnically inept people out there than we gave the
> > population at large, or at least the portion covered by our customer base,
> > credit for
>
> Sorry, but notices on a regular basis are also passive and ignored.
> Active is the ISP using NAT by default.
>
> > > Implementing NAT on ISP's hardware at the home, if it's supported by the
> > > ISP's device, as a default installation method, costs the ISP nothing
> > > and provides a great first barrier protection method. Any user that
> > > needs a public IP should be able to get it just for the asking, as any
> > > user smart enough to know the difference is very likely to also know how
> > > to protect their system.
> >
> > Broadband yes, and BTW with the FCC's new ruling on DSL the provider list
> > is about to get a lot smaller. Smart users yes, but there are any number of
> > illuminated idiots out there that only have half a clue and scream bloody
> > murder when they finally realize they are over their heads.
> >
> > > Providing a Disk to the users on installation that gives them a FREE AV
> > > program and a free browser like FireFox, even if they don't install it,
> > > would be great - since many users would install it.
> >
> > Mozilla is not perfect, but a good answer. All you would have to do is
> > change people's habits a bit and get them to accept something that is not
> > exactly like what they are using now. For the early adopters and the
>
> You can change the habits of the masses they are happy to remain
> ignorant - you have to provide them with a painless method that they
> don't have to understand or they won't use it.
>
> > technically proficient, this is unnecessary as they don't need anyone disk,
> > just the basic settings and addresses for the servers and they're off and
> > running. A 3x5 note card would suffice. For others no disk will ever cover
> > all they need to know should they ever take the time to fully utilize what
> > is offered. There is and always will be hardware (MAC, x86, ???) issues.
> > What works on a shiny new Dell et al, may or may not work on someone's
> > legacy machine. Then there is the issue of OS, what are you running, today?
> >
> > At present I have a client that has one machine that just doesn't like
> > NAV '05. NAV tech support has yet to resolve the issue and looks to lose a
> > dedicated customer. He has several machines from a 486sx running Win95 to a
> > Gen 4 with XP, but one of his two older matching 550 MHz WIN Me machines
> > can't seem to get a good install. Surprisingly it's the one with a true
> > Intel chip (the other is a Celeron). Going to try AVG this afternoon on
> > it. Sad part is the guy is a real straight arrow and actually owns licensed
> > copies for every piece of software he's got on his machines. I think he
> > still has every machine (up and running) he's ever bought and they are his
> > extended family's home network.
> >
> > > Don't say cost is a factor, most ISP's oversell their services and user
> > > performance suffers due to it - if users were not compromised or not
> > > reachable to attack, the ISP would have greater capacity and not require
> > > additional investment to increase their users' performance or to add more
> > > users to the clean system.
> >
> > You have oversimplified this a bit. For the big national/regional
> > providers, usually they are being hosted by a third party server farm that
> > is subject to limitations that vary from company to company. For the little
> > guy it is a balance between performance and cost to eke out a profit.
> > Speaking of cost, the install disks are cheap, but the licensed install
> > software is not unless it is home brewed and even then programmers aren't
>
> If you think that the ISP's actually buy a license you've missed the
> boat - they give users the "Free" / "Personal" version and it is the
> exposure to the product that the vendor is hoping will get them sales.
> Any ISP that actually licenses software for their clients is missing the
> boat and doesn't understand sales/marketing.
>
> > that cheap even if you go overseas. That's why most offer dynamic IP
> > addressing and charge extra for fixed IP addresses. Though a good router
> > makes this a non-issue. Then too there is a side benefit from this in that
> > it reduces bandwidth hogs who want to set up servers and do low end
> > web/FTP/wares hosting, massive P2P file sharing, etc., on a residential
> > account. The original provisioning of the first residential broadband
> > providers did not foresee this and got slammed by such inconsiderate types.
> > And this upped the cost as well for said services
>
> Which supports my stating that ISP's should enable the NAT function on
> their modems by default and only provide non-nat mode to those that know
> enough to ask for it.
>
> > > Dial-up users are in another situation, but, there are inexpensive means
> > > to protect them - you don't have to give them a public IP, and for
> > > $9.95/month they don't need a public IP. You could give two phone
> > > numbers - one for protected one for unprotected..... Sure, this might
> > > actually cost, as the initial change would require some effort, but, in
> > > the end they might actually get more customers by being able to
> > > advertise their security measures - and the fact that normal dial-up is
> > > no more secure than broadband.
> >
> > Human nature isn't that savvy. Most folks will go with the cheapest
> > they can get for the minimum reliability they can stand. That's how the
> > >$10.00 ISPs get by. They also drop any service that does not show a
> > profit. Many don't even offer Usenet.
>
> And my statement is proven, if you do NAT, since D/U users only need
> minimal services, you protect your network and the Net at the same time.
>
> --
>
> spam999free@xxxxxxxxxx
> remove 999 in order to email me
You've never really worked at an ISP, have you?
KC
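
Added example, not part of the original posts: a sketch of the extension-renaming filter proposed in the quoted discussion above (.EXE delivered as .EX_, likewise .SCR and .PIF), written with Python's standard email package. The function names, the constructed sample message and the handling of double extensions and trailing dots are assumptions of this example.

```python
from email.message import EmailMessage

# Extensions named in the thread (.EXE, .SCR, .PIF); extend per local policy.
BLOCKED_EXTS = {".exe", ".scr", ".pif"}

def neutralize_name(filename):
    """Return (new_name, changed); a blocked extension gets its last char set to '_'."""
    # Windows ignores trailing dots and spaces, so "a.exe." still opens as .exe.
    cleaned = filename.rstrip(". ")
    dot = cleaned.rfind(".")  # last dot decides, so "x.pdf.exe" is caught
    if dot == -1 or cleaned[dot:].lower() not in BLOCKED_EXTS:
        return filename, False
    return cleaned[:-1] + "_", True

def neutralize_attachments(msg):
    """Rename blocked attachments in place; return a list of (old, new) names."""
    renamed = []
    for part in msg.walk():
        name = part.get_filename()
        if not name:
            continue
        new_name, changed = neutralize_name(name)
        if changed:
            part.set_param("filename", new_name, header="Content-Disposition")
            if part.get_param("name") is not None:
                part.set_param("name", new_name)  # legacy Content-Type name=
            renamed.append((name, new_name))
    return renamed

def build_sample():
    """Constructed message with one harmless and two blocked attachments."""
    msg = EmailMessage()
    msg["From"] = "sender@example.com"
    msg["To"] = "user@example.com"
    msg["Subject"] = "constructed sample"
    msg.set_content("see attached")
    for fname in ("report.pdf", "Invoice.pdf.EXE", "saver.SCR."):
        msg.add_attachment(b"constructed bytes", maintype="application",
                           subtype="octet-stream", filename=fname)
    return msg

if __name__ == "__main__":
    sample = build_sample()
    for old, new in neutralize_attachments(sample):
        print(f"renamed {old!r} -> {new!r}")
```

The payload is delivered untouched; only the name changes, so the recipient has to rename the file deliberately before it can run.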