Re: Port blocking last resort in fight against virus

["Christopher L. Morrow" <chris () UU NET>]

On Tue, 12 Aug 2003, Jack Bates wrote:

> Sean Donelan wrote:
> > http://computerworld.co.nz/webhome.nsf/UNID/BEC6DE12EC6AE16ECC256D8000192BF7!opendocument
> >
> > "While some end users are calling for ISPs to block certain ports relating
> > to the Microsoft exploit as reported yesterday (Feared RPC worm starts to
> > spread), most ISPs are reluctant to do so."
>
> Is it just me that feels that blocking a port which is known to be used
> to perform billions of scans is only proper? It takes time to contact,

and you are willing to open holes across your network for every tom, dick
or sally that wants to share files with their pal across town? (or off
your network)

If people want to use the network they need to take the responsibility and
patch their systems. Blocking should really only be considered in very
extreme circumstances when your network is being affected by the problem,
or if the overall threat is such that a short term network-wide block
would help get over the hump.