nanog mailing list archives

Re: Blocking port 135?

From: Sean Donelan <sean () donelan com>
Date: Sat, 2 Aug 2003 14:56:19 -0400 (EDT)


On Sat, 2 Aug 2003, Jack Bates wrote:

Many AUP/TOS aggreements have interesting no-server clauses. Blocking
135 inbound to those systems would not breach "Internet access" as the
customer shouldn't have a server running on that port. The lack of <1024
filtering on such AUP/TOS services is courtesy really. If it's not a
problem to the network, the ISP generally doesn't care.


The Slammer worm was > 1024.

As someone else pointed out, if you want the ISP to provide you with a
completely "safe" network you will end up with something like Minitel.
ISPs do not control what Microsoft puts in its operating systems, bugs,
features or other things.  ISPs also did not control the introduction
of NCSA Mosaic, Real Streaming, IRC Chat or most of the other things.

Services which require the ISP to "update" their network are always
at a disadvantage, such as Multicast or IPv6.

Current thread:

Re: Blocking port 135?, (continued)
- - - Re: Blocking port 135? Jason Slagle (Aug 02)
    - RE: Blocking port 135? Bob German (Aug 02)
  - Re: Blocking port 135? Crist Clark (Aug 01)
    - Re: Blocking port 135? Justin Shore (Aug 03)
- Re: Blocking port 135? Jared Mauch (Aug 01)
- Re: Blocking port 135? Stephen Sprunk (Aug 01)
- RE: Blocking port 135? Chris Johnston (Aug 01)
- Re: Blocking port 135? Mans Nilsson (Aug 02)
  - Re: Blocking port 135? Jack Bates (Aug 02)
    - Re: Blocking port 135? Mans Nilsson (Aug 02)
    - Re: Blocking port 135? Sean Donelan (Aug 02)
    - Re: Blocking port 135? Christopher L. Morrow (Aug 02)
  - Re: Blocking port 135? Valdis . Kletnieks (Aug 03)
- RE: Blocking port 135? Drew Weaver (Aug 01)
- RE: Blocking port 135? Michel Py (Aug 02)