nanog mailing list archives

Re: TCP and UDP Port 0 - Should an ISP or ITP Block it?


From: "K. Scott Helms" <kscott.helms () gmail com>
Date: Tue, 25 Aug 2020 07:27:33 -0400

Douglas,

I think a fairly easy thing to do is see what other large retail ISPs have
done.  Comcast, as an example, lists all of the ports they block and 0 is
blocked.  I do recommend that port 0 be blocked by all of the ISPs I work
with and frankly Comcast's list is a pretty good one to use in general,
though you will get some pushback on things like SMTP.

https://www.xfinity.com/support/articles/list-of-blocked-ports

Transit providers are a little bit different, but then again port 0 is also
different since AFAIK it's never had a legitimate use case.  It's always
been a reserved port.  I'd personally block it if I ran a transit, but I'd
be more willing to open it up for one of my large customers (in a limited
way) than I would on the retail side.

https://www.iana.org/assignments/service-names-port-numbers/service-names-port-numbers.xhtml


Scott Helms



On Tue, Aug 25, 2020 at 7:16 AM Douglas Fischer <fischerdouglas () gmail com>
wrote:

I think that the subject of the e-mail is very self-explanatory.

With some analysis of what is running over our network, ISP or ITP, we
will be able to see some TCP/UDP (mostly UDP) packets with source or
destination to port 0.

I can think of a genuine use of it.
(Maybe someone could help me see what I'm not seeing.)

So I have two questions:

a) Should an ISP block that kind of traffic?
(like anti-spoofing on BNG/B-RAS)

b) Should a Transit Provider block that kind of traffic?


--
Douglas Fernando Fischer
Engº de Controle e Automação

