Re: Blocking port 135?

[Mans Nilsson <mansaxel () sunet se>]

Subject: Re: Blocking port 135? Date: Sat, Aug 02, 2003 at 08:09:47AM -0500 Quoting Jack Bates (jbates () brightok net):
> Depends on why you block and interfere. Intention plays a large part 
> according to law. 

If people can sue McDonalds for hot coffee, everything is possible. I'm European, so this does not apply, but I'd try 
to be very careful in .us.
> Many AUP/TOS aggreements have interesting no-server clauses. 

Not mine. And, I generally think that with such AUPen, one gets something
one step better than Minitel or I-Mode, which is not Internet. 
Yes, I'm one of those loud end-to-end guys.  

> - Setup detection systems and perform immediate contact on accounts that 
>  trigger the system to determine if it's legitimate or not. If not, bye 
> bye.

That is wiretapping in Sweden, and illegal without a court order.
I believe. Nobody has gone even close to taking it to court, and I
stay far away from it.

> Of course, this only stops outbound issues. It does nothing to prevent 
> inbound, and in the event of a worm, you'd better make sure you have 
> double and triple methodologies in place to stabalize your network. 

Some of our thinner access lines were up to 50% full when the Slammer hit. 
If there comes a much more evil worm than so, we do have OOB  access
to the entire core..  

-- 
Måns Nilsson         Systems Specialist
+46 70 681 7204         KTHNOC
                        MN1334-RIPE

CHUBBY CHECKER just had a CHICKEN SANDWICH in downtown DULUTH!

Attachment: _bin
Description: