nanog mailing list archives
Re: zotob - blocking tcp/445
From: Gadi Evron <ge () linuxbox org>
Date: Tue, 16 Aug 2005 07:58:01 +0200
[snip arguments]
Do not become the internet firewall for your large customer base... it's bad.
Okay, so please allow me to alter the argument a bit. Say we agreed on: 1. Security is THEIR (customers') problems, not yours. 2. You are not the Internet's firewall. That would mean you would still care about: 1. You being able to provide service. 2. Your own network being secure (?)In a big outbreak, not for the WHOLE Internet, I'd use whatever I can. It can easily become an issue of my network staying alive.
Blocking that one port then might be a viable solution to get a handle on things and calm things down.
Naturally though you are right again, it is a case-by-case issue and can not be discussed in generalities.
Gadi.
Current thread:
- Re: zotob - blocking tcp/445, (continued)
- Re: zotob - blocking tcp/445 Saku Ytti (Aug 15)
- Re: zotob - blocking tcp/445 Randy Bush (Aug 15)
- Re: zotob - blocking tcp/445 Saku Ytti (Aug 15)
- Re: zotob - blocking tcp/445 Steven M. Bellovin (Aug 15)
- Re: zotob - blocking tcp/445 Randy Bush (Aug 15)
- Re: zotob - blocking tcp/445 Daniel Golding (Aug 15)
- Re: zotob - blocking tcp/445 Christopher L. Morrow (Aug 15)
- Re: zotob - blocking tcp/445 Randy Bush (Aug 15)
- Re: zotob - blocking tcp/445 Gadi Evron (Aug 15)
- Re: zotob - blocking tcp/445 Christopher L. Morrow (Aug 15)
- Re: zotob - blocking tcp/445 Gadi Evron (Aug 15)
- Re: zotob - blocking tcp/445 Daniel Senie (Aug 16)
- Re: zotob - blocking tcp/445 Christopher L. Morrow (Aug 16)
- Re: zotob - blocking tcp/445 Saku Ytti (Aug 15)
- Re: zotob - blocking tcp/445 Shane Amante (Aug 15)
- Re: zotob - blocking tcp/445 Valdis . Kletnieks (Aug 15)
- Re: zotob - blocking tcp/445 Christopher L. Morrow (Aug 15)
- Re: zotob - blocking tcp/445 Randy Bush (Aug 16)