nanog mailing list archives

Re: zotob - blocking tcp/445

From: Petri Helenius <pete () he iki fi>
Date: Wed, 17 Aug 2005 18:56:21 +0300


Daniel Senie wrote:

One of the dangers is more and more stuff is being shoved over alimited set of ports. There are VPNs being built over SSL and HTTP tohelp bypass firewall rule restrictions. At some point we end up withanother protocol demux layer, and a non-standard one at that if wepush more and more restrictive filters out there. This in the long runis going to cause many problems.

Isn't SSL VPN exactly another protocol demux layer, though it might be astandard one?


Pete

Current thread:

Re: zotob - blocking tcp/445, (continued)
- - - Re: zotob - blocking tcp/445 (Aug 18)
  - Re: zotob - blocking tcp/445 Florian Weimer (Aug 17)
- Re: zotob - blocking tcp/445 Scott Weeks (Aug 15)
- RE: zotob - blocking tcp/445 Church, Chuck (Aug 15)
  - RE: zotob - blocking tcp/445 Christopher L. Morrow (Aug 15)
- RE: zotob - blocking tcp/445 Erik Amundson (Aug 15)
  - Re: zotob - blocking tcp/445 sthaug (Aug 16)
  - Re: zotob - blocking tcp/445 William Warren (Aug 17)
    - Re: zotob - blocking tcp/445 Andy Johnson (Aug 17)
    - Re: zotob - blocking tcp/445 Daniel Senie (Aug 17)
    - Re: zotob - blocking tcp/445 Petri Helenius (Aug 17)
    - Re: zotob - blocking tcp/445 Christopher L. Morrow (Aug 17)
- Re: zotob - blocking tcp/445 Sane Jiri (Aug 16)
- Re: zotob - blocking tcp/445 MARLON BORBA (Aug 16)
- RE: zotob - blocking tcp/445 Church, Chuck (Aug 16)
  - Re: zotob - blocking tcp/445 Valdis . Kletnieks (Aug 16)
    - Re: zotob - blocking tcp/445 Christopher L. Morrow (Aug 16)
    - Re: zotob - blocking tcp/445 Sean Donelan (Aug 16)
- Re: zotob - blocking tcp/445 Fergie (Paul Ferguson) (Aug 17)
- Re: zotob - blocking tcp/445 Roger Marquis (Aug 18)
  - Re: zotob - blocking tcp/445 Bill Nash (Aug 18)

(Thread continues...)