Re: about udp 80,8080,0

[Truman Boyes <truman () suspicious org>]

On 10/02/2010, at 5:01 AM, Jeffrey Lyon wrote:

> If you don't need UDP, disallow it to your entire network or to the
> /xx where such is applicable. We have basic filters like this with our
> carriers upstream and have prevented several Gbps of traffic from ever
> hitting our filters as a result.
>
> Jeff

While this may be suitable in small networks, this type of heavy handed control will simply cause you more problems in 
the long run. There are just too many applications that use UDP to restrict it to exceptions. UDP isn't the problem, 
it's just a method of the attack. 

Truman


> 2010/2/9 Michael Holstein <michael.holstein () csuohio edu>:
> > >    What does application use 8.8080,0 port for the proper purpose?
> >
> > I've seen newer BitTorrent clients do this (UDP is supported, and the
> > port can be arbitrary).
> >
> >
> > Cheers,
> >
> > Michael Holstein
> > Cleveland State University
>
>
>
> -- 
> Jeffrey Lyon, Leadership Team
> jeffrey.lyon () blacklotus net | http://www.blacklotus.net
> Black Lotus Communications of The IRC Company, Inc.
>
> Follow us on Twitter at http://twitter.com/ddosprotection to find out
> about news, promotions, and (gasp!) system outages which are updated
> in real time.
>
> Platinum sponsor of HostingCon 2010. Come to Austin, TX on July 19 -
> 21 to find out how to "protect your booty."