Full Disclosure mailing list archives

RE: SQL Slammer - lessons learned


From: Nicob <nicob () nicob net>
Date: 06 Feb 2003 11:41:53 +0100

On Wed, 2003-02-05 at 16:38, Paul Schmehl wrote:

> Can you think of a legitimate reason why ISPs should allow ports
> 135-139/TCP/UDP to be open to the Internet?  How about port 445/UDP?

IMO, it's not up to the ISP to choose which ports and services I should use.
I pay it (sort of) for a pipe running from my home-computer to the wild
Internet and *that's all*.

I don't want some "services" like transparent proxies, AV scanning at
the mail relay or port filtering. I just want a pipe ...

> What about the ISPs whose policy it is to not allow
> customers to run servers?

That's another problem.

If I ask for a pipe, I want a pipe.
If I ask for a discount ADSL access with limited amount of traffic and no
allowed hosting (HTTP, FTP, SMTP, SSH, ...), the ISP can restrict the
inbound ports.

If the next big vuln/worm is an SSH one, would you agree with an ISP
blocking inbound TCP/22 and forbidding users to connect to their
home-LAN to check mails, get some files, start the coffee-maker or manage
downloads?


Nicob



