Re: SQL Slammer - lessons learned

[Steffen Dettmer <steffen () dett de>]

* Paul Schmehl wrote on Wed, Feb 05, 2003 at 09:38 -0600:
> On Wed, 2003-02-05 at 06:55, John.Airey () rnib org uk wrote:
> > How the ports are managed by the ISPs is up to them. We have
> > a managed router where we block everything we can without
> > breaking legitimate access.  However, not having a practical
> > option to block certain ports is a problem.  My point was on
> > the allocation and use by TCP/IP stacks.
> Can you think of a legitimate reason why ISPs should allow
> ports 135-139/TCP/UDP to be open to the Internet?  How about
> port 445/UDP?  Many ISPs now block port 25/TCP (for obvious
> reasons.)  Why not other service ports?  

Are that InternetServiceProviders or InternetServiceCensors?

I feel free to implement an own strange private protocol using
UDP 135 and I pay the ISP for routing this. I don't see any
responsibility for ISPs to care about the content.

oki,

Steffen

-- 
Dieses Schreiben wurde maschinell erstellt,
es trägt daher weder Unterschrift noch Siegel.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html