nanog mailing list archives
Re: commonly blocked ISP ports
From: Luke Parrish <lukep () centurytel net>
Date: Wed, 14 Sep 2005 15:41:31 -0500
Not quite looking for tips to manage my network and ACLs or if should or should not be blocking, more looking for actual ports that other ISPs are blocking and why.
For example:

port 5 worm 2.5
port 67 virus 8.2

At 03:12 PM 9/14/2005, Valdis.Kletnieks () vt edu wrote:

> On Wed, 14 Sep 2005 14:42:56 CDT, Luke Parrish said:
> > We have a list, some reactive and some proactive, however we need to remove
> > ports that are no longer a threat and add new ones as they are published.
>
> All ports that are open are threats, at least potentially. What you *should* be doing is:
>
> a) When you block a new port due to a current exploit, log the fact.
> b) Work with customers/users to make sure they're patched, and that new machines are patched before they go live.
> c) When probing for the port stops (which it never does), or some sufficient number of downstream boxes are patched and safe, remove the block.
>
> Either that, or block the world, and open ports on request.
>
> Remember - *you* are the only one on this list who really knows if a given port is a threat anymore....
>
> (And that's totally skipping all the noise about corporate firewalls versus ISP firewalls and different expectations regarding security/transparency...)

Luke Parrish
Centurytel Internet Operations
318-330-6661