Verizon (FiOS) (Off Topic?) I have it!

Ben Scott dragonhawk at gmail.com
Tue Jan 24 09:25:01 EST 2006


On 1/24/06, Fred <puissante at lrc.puissante.com> wrote:
> Just got set up with Fios ...

  First, thank you for posting that.  The technical details were very
interesting, and the commentary on what Verizon said, and the on-site
service they delivered, were equally so.  I'm frankly amazed to hear
Verizon delivering such good service.

  Next, I'm going to respond to a few of your statements that all
ultimately fall under the category heading of "Information Assurance"
-- what most people mean when they say "security".  There may be some
mildly harsh words ahead.  Don't take it too personally; I'm trying
to offer an honest critique.

> The person at Verizon Fios emphasized that what they meant is installing and
> running a "server class" computer at your home. I grilled her specifically
> about running a website off of a *workstation*, and she indicated to me that
> that would be perfectly OK, along with FTP, P2P, or anything else us geeks
> hold so dear.

  I've been told all sorts of things by all manner of sales reps over
the years.  I'm sure you have, too.  Then when push comes to shove,
they say, "I'm sorry, sir, the representative you were speaking to was
mistaken."  Verbal assurances are not worth the paper they're written
on.

  You repeatedly state your Internet feed is of a critical nature.  If
you really mean that, I suggest obtaining a written SLA (Service Level
Agreement) guaranteeing what you need.  I'd be willing to bet Verizon
will refuse to provide such.

  Point being: Big nasty evil ugly companies like Verizon are
notorious for pulling the rug out from under people.  If you're
willing to take their word for it when their written documents say
otherwise, you may well end up deserving what you get.

> Comcast gave me
> hell recently about having port 80 open on my line (I was running a test web
> server and left it open) as well as spooking me out about knowing I was
> running multiple ssh connections *on a different port other than 22* and
> some other things as well. What, they were monitoring my connection and
> sniffing my packets?????

  More than likely, after they discovered an open listener for a
well-known service they explicitly forbid.  ISPs run sniffers all the
time.  This should not be a surprise.

> I am *so glad* my email goes out encrypted across
> an ssl connection between my workstations and my dedicated servers.

  Ummm.... yah.  Email.

"Using encryption on the Internet is the equivalent of arranging an
armored car to deliver credit card information from someone living in
a cardboard box to someone living on a park bench." -- Gene "spaf"
Spafford

http://en.wikipedia.org/wiki/Security_theatre

> Besides I can download them with
> BitTorrent if I must.

  Given the current legal climate with the media cartel suing everyone
they can find, you might want to think twice before posting about
downloading pirated content in a public forum such as this one.  (But
hey, at least the connection to your mail relay was encrypted before
you broadcasted it to the entire world.)

  There's paranoia, and then there is risk management.  Paranoia is
thinking everyone is out to get you, and responding erratically in
ways that don't really help.  Risk management is thinking everyone
is out to get you, and taking appropriate countermeasures to defend
against identified threats.  It appears you are doing more of the
former than the latter.

-- Ben "Yah, I'm an asshole" Scott



More information about the gnhlug-discuss mailing list