[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <1044476474.798.20.camel@bobby>
From: nicob at nicob.net (Nicob)
Subject: SQL Slammer - lessons learned
On Wed, 2003-02-05 at 16:38, Paul Schmehl wrote:
> Can you think of a legitimate reason why ISPs should allow ports
> 135-139/TCP/UDP to be open to the Internet? How about port 445/UDP?
IMO, it's not to the ISP to choose wich ports and services should I use.
I pay it (sort of) for a pipe running from my home-computer to the wild
Internet and *that's all*.
I don't want some "services" like transparent proxies, AV scanning at
the mail relay or port filtering. I just want a pipe ...
> What about the ISPs whose policy it is to not allow
> customers to run servers?
That's another problem.
If I ask for a pipe, I want a pipe.
If I ask for a discount ADSL access with limited amount of trafic and no
allowed hosting (HTTP, FTP, SMTP, SSH, ...), the ISP can restrict the
inbound ports.
If the next big vuln/worm is a SSH one, would you agree with an ISP
blocking inbound TCP/22 and forbidding to users to connect to their
home-LAN to check mails, get some files, start the coffe-maker or manage
downloads ?
Nicob
Powered by blists - more mailing lists