Full Disclosure mailing list archives

RE: SQL Slammer - lessons learned

From: Ron DuFresne <dufresne () winternet com>
Date: Thu, 6 Feb 2003 12:33:28 -0600 (CST)


I'm suspecting then alot of you must be just livid that most ISP' and
backbone providers are blocking those udp packets to those borked M$-sql
servers then?

There's certain traffic that just does not need to be passed beyond
certain borders, and can have bad effects if it does or is exposed.


Thanks,

Ron DuFresne


On 6 Feb 2003, Nicob wrote:

On Wed, 2003-02-05 at 16:38, Paul Schmehl wrote:

Can you think of a legitimate reason why ISPs should allow ports
135-139/TCP/UDP to be open to the Internet?  How about port 445/UDP?


IMO, it's not to the ISP to choose wich ports and services should I use.
I pay it (sort of) for a pipe running from my home-computer to the wild
Internet and *that's all*.

I don't want some "services" like transparent proxies, AV scanning at
the mail relay or port filtering. I just want a pipe ...

What about the ISPs whose policy it is to not allow
customers to run servers?


That's another problem.

If I ask for a pipe, I want a pipe.
If I ask for a discount ADSL access with limited amount of trafic and no
allowed hosting (HTTP, FTP, SMTP, SSH, ...), the ISP can restrict the
inbound ports.

If the next big vuln/worm is a SSH one, would you agree with an ISP
blocking inbound TCP/22 and forbidding to users to connect to their
home-LAN to check mails, get some files, start the coffe-maker or manage
downloads ?


Nicob




_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
"Cutting the space budget really restores my faith in humanity.  It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation." -- Johnny Hart
        ***testing, only testing, and damn good at it too!***

OK, so you're a Ph.D.  Just don't touch anything.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Current thread:

Re: SQL Slammer - lessons learned, (continued)
- - - Re: SQL Slammer - lessons learned David LaPorte (Feb 05)
    - Re: SQL Slammer - lessons learned Niels Bakker (Feb 05)
    - Re: SQL Slammer - lessons learned Niels Bakker (Feb 05)
    - Re: SQL Slammer - lessons learned David Howe (Feb 06)
    - Re: SQL Slammer - lessons learned Ron DuFresne (Feb 06)
    - Re: SQL Slammer - lessons learned Blue Boar (Feb 06)
    - Re: SQL Slammer - lessons learned Ron DuFresne (Feb 06)
    - Re: SQL Slammer - lessons learned Blue Boar (Feb 06)
    - RE: SQL Slammer - lessons learned Nicob (Feb 06)
    - RE: SQL Slammer - lessons learned Paul Schmehl (Feb 06)
    - RE: SQL Slammer - lessons learned Ron DuFresne (Feb 06)
    - Re: SQL Slammer - lessons learned Niels Bakker (Feb 06)
    - Re: SQL Slammer - lessons learned Steffen Dettmer (Feb 09)
    - Re: SQL Slammer - lessons learned yossarian (Feb 09)
- RE: SQL Slammer - lessons learned John . Airey (Feb 05)
- RE: SQL Slammer - lessons learned Cushing, David (Feb 05)
  - RE: SQL Slammer - lessons learned Paul Schmehl (Feb 05)
- RE: SQL Slammer - lessons learned John . Airey (Feb 06)
  - RE: SQL Slammer - lessons learned Paul Schmehl (Feb 06)
    - RE: SQL Slammer - lessons learned Ron DuFresne (Feb 06)
- RE: SQL Slammer - lessons learned John . Airey (Feb 07)

(Thread continues...)