Full Disclosure mailing list archives
RE: SQL Slammer - lessons learned
From: Nicob <nicob () nicob net>
Date: 06 Feb 2003 11:41:53 +0100
On Wed, 2003-02-05 at 16:38, Paul Schmehl wrote:
Can you think of a legitimate reason why ISPs should allow ports 135-139/TCP/UDP to be open to the Internet? How about port 445/UDP?
IMO, it's not to the ISP to choose wich ports and services should I use. I pay it (sort of) for a pipe running from my home-computer to the wild Internet and *that's all*. I don't want some "services" like transparent proxies, AV scanning at the mail relay or port filtering. I just want a pipe ...
What about the ISPs whose policy it is to not allow customers to run servers?
That's another problem. If I ask for a pipe, I want a pipe. If I ask for a discount ADSL access with limited amount of trafic and no allowed hosting (HTTP, FTP, SMTP, SSH, ...), the ISP can restrict the inbound ports. If the next big vuln/worm is a SSH one, would you agree with an ISP blocking inbound TCP/22 and forbidding to users to connect to their home-LAN to check mails, get some files, start the coffe-maker or manage downloads ? Nicob _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- RE: SQL Slammer - lessons learned, (continued)
- RE: SQL Slammer - lessons learned Paul Schmehl (Feb 05)
- Re: SQL Slammer - lessons learned Helmut Springer (Feb 05)
- Re: SQL Slammer - lessons learned David LaPorte (Feb 05)
- Re: SQL Slammer - lessons learned Niels Bakker (Feb 05)
- Re: SQL Slammer - lessons learned Niels Bakker (Feb 05)
- Re: SQL Slammer - lessons learned David Howe (Feb 06)
- Re: SQL Slammer - lessons learned Ron DuFresne (Feb 06)
- Re: SQL Slammer - lessons learned Blue Boar (Feb 06)
- Re: SQL Slammer - lessons learned Ron DuFresne (Feb 06)
- Re: SQL Slammer - lessons learned Blue Boar (Feb 06)
- RE: SQL Slammer - lessons learned Paul Schmehl (Feb 05)
- RE: SQL Slammer - lessons learned Nicob (Feb 06)
- RE: SQL Slammer - lessons learned Paul Schmehl (Feb 06)
- RE: SQL Slammer - lessons learned Ron DuFresne (Feb 06)
- Re: SQL Slammer - lessons learned Niels Bakker (Feb 06)
- Re: SQL Slammer - lessons learned Steffen Dettmer (Feb 09)
- Re: SQL Slammer - lessons learned yossarian (Feb 09)
- RE: SQL Slammer - lessons learned Paul Schmehl (Feb 05)
- RE: SQL Slammer - lessons learned Paul Schmehl (Feb 06)