Full Disclosure mailing list archives

Re: SQL Slammer - lessons learned


From: Georgi Guninski <guninski () guninski com>
Date: Mon, 10 Feb 2003 00:24:15 +0200

Schmehl, Paul L wrote:
..snip...
> Are you really willing to demand your "freedom" in the face of the
> overwhelming odds that leaving those ports open will do more harm than
> good?


I am willing to demand my freedom.
When I pay an ISP for internet, I want to have all ports in/out working.
If I don't want something working, I filter it at *my* firewall.

When Code Red/Nimda hit some time ago on port 80, nobody suggested blocking port 80 for those II$, right? But when a worm hits on a less popular port, people start attacking the symptoms, not the cause. Am I missing something?

Georgi Guninski
http://www.guninski.com

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

