Full Disclosure mailing list archives
Re: SQL Slammer - lessons learned
From: Helmut Springer <delta () FaVeVe Uni-Stuttgart de>
Date: Sun, 9 Feb 2003 21:29:46 +0100
On 09 Feb 2003 at 20:36 +0100, Schmehl, Paul L wrote:
All this is well and good, but I have a really hard time understanding why we need to route insecure networking protocols such as NetBIOS, CIFS, NFS or NIS across the Internet. Just closing those ports would do a world of good for the Internet as a whole, and who in the world would it hurt?
It is not the part of the phone company to decide what topics can be discussed in a phone call. Neither is it the part of ISP to decide what traffic their customers are able to transmit.
If the Internet is going to survive in any viable fashion, we have to come to our senses when it comes to allowable services.
Internet is the ability to send ip packets from one node to another.
The uncontrolled access to networking services on home computers and poorly secured commercial networks is the root cause behind a lot of the problems that exist on the Internet today - worms, virus, trojans, etc. Ports 139 and 445, *at a minimum*, should be closed (to the outside) on every network in the world.
At is not your part to decide if my system at home is secure or not.
Are you really willing to demand your "freedom" in the face of the overwhelming odds that leaving those ports open will do more harm than good?
Of course. Otherwise shut down all telephone lines immediately, there are overwhelming odds planned, organized and conducted over those. -- MfG/Best regards, "A Feature you cannot disable is helmut springer considered a bug" comp.os.unix _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- RE: SQL Slammer - lessons learned, (continued)
- RE: SQL Slammer - lessons learned Cushing, David (Feb 05)
- RE: SQL Slammer - lessons learned Paul Schmehl (Feb 05)
- RE: SQL Slammer - lessons learned John . Airey (Feb 06)
- RE: SQL Slammer - lessons learned Paul Schmehl (Feb 06)
- RE: SQL Slammer - lessons learned Ron DuFresne (Feb 06)
- RE: SQL Slammer - lessons learned Paul Schmehl (Feb 06)
- RE: SQL Slammer - lessons learned John . Airey (Feb 07)
- Re: SQL Slammer - lessons learned Niels Bakker (Feb 07)
- Re: SQL Slammer - lessons learned David Howe (Feb 07)
- Re: SQL Slammer - lessons learned Niels Bakker (Feb 07)
- Re: SQL Slammer - lessons learned David Howe (Feb 07)
- RE: SQL Slammer - lessons learned Schmehl, Paul L (Feb 09)
- Re: SQL Slammer - lessons learned Helmut Springer (Feb 09)
- Re: SQL Slammer - lessons learned Georgi Guninski (Feb 09)
- Re: SQL Slammer - lessons learned yossarian (Feb 09)
- RE: SQL Slammer - lessons learned Steve Wray (Feb 09)
- RE: SQL Slammer - lessons learned Schmehl, Paul L (Feb 09)
- Re: SQL Slammer - lessons learned Helmut Springer (Feb 09)
- RE: SQL Slammer - lessons learned Steve Wray (Feb 09)
- Re: SQL Slammer - lessons learned Helmut Springer (Feb 09)
- RE: SQL Slammer - lessons learned John . Airey (Feb 10)
- RE: SQL Slammer - lessons learned John . Airey (Feb 10)
- Re: SQL Slammer - lessons learned David Howe (Feb 10)
- RE: SQL Slammer - lessons learned Schmehl, Paul L (Feb 10)
(Thread continues...)
- RE: SQL Slammer - lessons learned Cushing, David (Feb 05)