nanog mailing list archives
Re: Open relays and open proxies
From: Jack Bates <jbates () brightok net>
Date: Thu, 24 Apr 2003 21:13:19 -0500
Jeff Kell wrote:
If we could somehow blackhole *only* SMTP inbound, that would be ideal, but I feel that blackholing all IP from/to those sites would be far too much collateral damage.
That's where the problem lies. We consider it inconvenient. Too often do we not take action because it would cause collateral damage. How many ISPs only warn their customers about worm/virus infection versus suspending the account until it is fixed? In the case of open proxies, the most highlighted damage is the sending of spam. However, these boxes can perform any server a hacker would like. To make it even nicer, there are dnsbl's out there to provide you a list of boxes that you can use to anonymize with. May not work with port 25, but how about port 80, 23, 21, 110, etc?
The risk is real. We just choose to ignore it. It will come back to haunt us. Forget port 25 blocks. zap the whole IP.
-Jack
Current thread:
- Re: Open relays and open proxies, (continued)
- Re: Open relays and open proxies Leo Bicknell (Apr 25)
- Re: Open relays and open proxies John Payne (Apr 25)
- RE: Open relays and open proxies David Schwartz (Apr 24)
- Re: Open relays and open proxies Paul Wouters (Apr 24)
- Re: Open relays and open proxies Joe St Sauver (Apr 24)
- Re: Open relays and open proxies Jeff Kell (Apr 24)
- Re: Open relays and open proxies Paul Vixie (Apr 24)
- Re: Open relays and open proxies Rob Thomas (Apr 24)
- Re: Open relays and open proxies Jeff Kell (Apr 24)
- Re: Open relays and open proxies John Payne (Apr 24)
- Re: Open relays and open proxies Jack Bates (Apr 24)
- Re: Open relays and open proxies Valdis . Kletnieks (Apr 25)
- Re: Open relays and open proxies Daniel Concepcion (Apr 25)
- Re: Open relays and open proxies Valdis . Kletnieks (Apr 25)
- Re: Open relays and open proxies John Payne (Apr 25)
- Re: Open relays and open proxies Daniel Concepcion (Apr 25)
- Re: Open relays and open proxies John Payne (Apr 25)
- Re: Open relays and open proxies Jack Bates (Apr 25)
- Re: Open relays and open proxies Adi Linden (Apr 25)
- Re: Open relays and open proxies Jeff Kell (Apr 24)
- Re: Open relays and open proxies jlewis (Apr 24)
- Re: Open relays and open proxies Paul Vixie (Apr 24)