nanog mailing list archives
Re: zotob - blocking tcp/445
From: Gadi Evron <ge () linuxbox org>
Date: Tue, 16 Aug 2005 07:35:03 +0200
Randy Bush wrote:
I'm not nearly confident enough to decide on behalf of almost billion other people how they should benefit from the Internet and how not to.thanks for that!Indeed. Also see http://www.iab.org/documents/docs/2003-10-18-edge-filters.htmlas i just replied to a private message from an enterprise op, o backbone isps can not set their customers' security policy - some customers want to run billyware shares over the wan whether we advise it or not - some of us host security researchers, who have a taste for 445 and other nasty traffic o enterprise / site ops can set their users' security policies as that's part of their job and charter randy
I actually agree with you Chris and Steven. Point is though, that in a HUGE outbreak - sometimes you might even have to cause a self-DDoS and kill some of your services to parts of your networks or at all, to keep your net alive, not to mention secure.
As immediate critical measures, blocking tcp/445 might be an acceptable solution. Nobody is talking about censoring the Internet.
I believe that blocking port 445 is Good, just like I believe it will not get done by most and for Good reasons.
Every solution has its good applications - sometimes short-term, even Bad long term solutions. Thing is, how do they remain temporary rather than becoming perm.?
Gadi.
Current thread:
- zotob - blocking tcp/445 Gadi Evron (Aug 15)
- <Possible follow-ups>
- Re: zotob - blocking tcp/445 surfer () mauigateway com (Aug 15)
- Re: zotob - blocking tcp/445 Saku Ytti (Aug 15)
- Re: zotob - blocking tcp/445 Randy Bush (Aug 15)
- Re: zotob - blocking tcp/445 Saku Ytti (Aug 15)
- Re: zotob - blocking tcp/445 Steven M. Bellovin (Aug 15)
- Re: zotob - blocking tcp/445 Randy Bush (Aug 15)
- Re: zotob - blocking tcp/445 Daniel Golding (Aug 15)
- Re: zotob - blocking tcp/445 Christopher L. Morrow (Aug 15)
- Re: zotob - blocking tcp/445 Randy Bush (Aug 15)
- Re: zotob - blocking tcp/445 Gadi Evron (Aug 15)
- Re: zotob - blocking tcp/445 Christopher L. Morrow (Aug 15)
- Re: zotob - blocking tcp/445 Gadi Evron (Aug 15)
- Re: zotob - blocking tcp/445 Daniel Senie (Aug 16)
- Re: zotob - blocking tcp/445 Christopher L. Morrow (Aug 16)
- Re: zotob - blocking tcp/445 Saku Ytti (Aug 15)
- Re: zotob - blocking tcp/445 Shane Amante (Aug 15)
- Re: zotob - blocking tcp/445 Valdis . Kletnieks (Aug 15)
- Re: zotob - blocking tcp/445 Christopher L. Morrow (Aug 15)
- Re: zotob - blocking tcp/445 Randy Bush (Aug 16)