nanog mailing list archives

Previous By Date Next
Previous By Thread Next

Re: zotob - blocking tcp/445

From: "Christopher L. Morrow" <christopher.morrow () mci com>
Date: Tue, 16 Aug 2005 14:20:35 +0000 (GMT)


On Tue, 16 Aug 2005, Joe Maimon wrote:




Christopher L. Morrow wrote:


On Mon, 15 Aug 2005, surfer () mauigateway com wrote:




NetBIOS was never meant to be a WAN protocol, so no problem
in blocking it.



rule #1: do not be the Internet's Firewall
rule #2: see rule #1


Surely we realize that this discussion is not concerning the oft
repeated "Internet's Firewall" debate.


This is network self preservation. Otherwise the garbage will eventually
suffocate us all.


and again I point to the above rules. What your network can't handle
'scanning wise' is completely different from what the network I work on
can handle.

If your network is being jeopardized by some level of scanning they fix
that, but that is a local decision. Blindly stating "large isps filter
port X" is just disingenuous, there are certainly cases as exceptions,
most of which end with the ISP in question saying: "Wow that was a lot
more painful than we thought originally:("
Previous By Date Next
Previous By Thread Next

Current thread: