Re: SQL Slammer - lessons learned

[Helmut Springer <delta () FaVeVe Uni-Stuttgart de>]

On 09 Feb 2003 at 20:36 +0100, Schmehl, Paul L wrote:
> All this is well and good, but I have a really hard time
> understanding why we need to route insecure networking protocols
> such as NetBIOS, CIFS, NFS or NIS across the Internet.  Just
> closing those ports would do a world of good for the Internet as a
> whole, and who in the world would it hurt?

It is not the part of the phone company to decide what topics can be
discussed in a phone call.  Neither is it the part of ISP to decide
what traffic their customers are able to transmit.


> If the Internet is going to survive in any viable fashion, we have
> to come to our senses when it comes to allowable services.

Internet is the ability to send ip packets from one node to another.


> The uncontrolled access to networking services on home computers
> and poorly secured commercial networks is the root cause behind a
> lot of the problems that exist on the Internet today - worms,
> virus, trojans, etc.  Ports 139 and 445, *at a minimum*, should be
> closed (to the outside) on every network in the world.

At is not your part to decide if my system at home is secure or not.


> Are you really willing to demand your "freedom" in the face of the
> overwhelming odds that leaving those ports open will do more harm
> than good?

Of course.  Otherwise shut down all telephone lines immediately,
there are overwhelming odds planned, organized and conducted over
those.


-- 
MfG/Best regards,                   "A Feature you cannot disable is
helmut springer                      considered a bug"  comp.os.unix
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html