nanog mailing list archives
Re: What do you want your ISP to block today?
From: "William Devine, II" <william () smartguys net>
Date: Wed, 3 Sep 2003 14:14:59 -0500
I would think that any company that outsourced exchange services to another entity would want either a VPN between their two offices or a direct PtP link. But I also know that the most logical method is not always understandable to the pointy haired people. william ----- Original Message ----- From: "Sean Donelan" <sean () donelan com> To: "Johannes Ullrich" <jullrich () euclidian com> Cc: <nanog () merit edu> Sent: Wednesday, September 03, 2003 1:51 PM Subject: Re: What do you want your ISP to block today?
On Wed, 3 Sep 2003, Johannes Ullrich wrote:I just summarized my thoughts on this topic here: http://www.sans.org/rr/special/isp_blocking.php Overall: I think there are some ports (135, 137, 139, 445), a consumer ISP should block as close to the customer as they can.If ISPs had blocked port 119, Sobig could not have been distributed via USENET. Perhaps unbelievably to people on this mailing list, many people legitimately use 135, 137, 139 and 445 over the open Internet everyday. Which protocols do you think are used more on today's Internet? SSH or NETBIOS? Some businesses have create an entire industry of outsourcing Exchange service which need all their customers to be able to use those ports. http://www.mailstreet.net/MS/urgent.asp http://dmoz.org/Computers/Software/Groupware/Microsoft_Exchange/ If done properly, those ports are no more or less "dangerous" than any other 16-bit port number used for TCP or UDP protocol headers. But we need to be careful not to make the mistake that just because we don't use those ports that the protocols aren't useful to other people.
Current thread:
- Re: What do you want your ISP to block today?, (continued)
- Re: What do you want your ISP to block today? Rob Thomas (Sep 03)
- Re: What do you want your ISP to block today? Petr Swedock (Sep 03)
- Re: What do you want your ISP to block today? Johannes Ullrich (Sep 03)
- Real network failure causes Was: What do you want your ISP to block today? Ian Mason (Sep 04)
- Re: Real network failure causes Was: What do you want your ISP to block today? Joe Abley (Sep 04)
- RE: What do you want your ISP to block today? David Schwartz (Sep 03)
- Re: What do you want your ISP to block today? Owen DeLong (Sep 03)
- Re: What do you want your ISP to block today? [OT] Gabriel (Sep 03)
- Re: What do you want your ISP to block today? Randy Bush (Sep 03)
- Re: What do you want your ISP to block today? alex (Sep 03)
- Re: What do you want your ISP to block today? William Devine, II (Sep 03)
- RE: What do you want your ISP to block today? Matthew Kaufman (Sep 03)
- RE: What do you want your ISP to block today? Johannes Ullrich (Sep 03)
- Re: What do you want your ISP to block today? Jack Bates (Sep 04)