lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-ID: <2D5914BDC6D4D411998200008368A2C8040F2133@hew01exhn1.corp.hansenet.com>
From: vogt at hansenet.com (vogt@...senet.com)
Subject: AW: Windows Messenger Popup Spam on UDP Port 10
	26

> > Due to widespread abuse, many ISPs have moved to block
> >inbound traffic on UDP port 135. It appears the spammers 
> have adapted,
> >so ISPs are urged to block UDP port 1026 inbound as well.
> 
> A professional ISP does not block any port. Blocking ports 
> can only be done on the customer side. The ISP does not know 
> which port i might need.

This isn't about you. The ISP also has a responsibility to protect
the internet at large. If millions of spam are sent each day because
the average user is too stupid to close off his proxy, then the
ISP can either shut him down, or block the proxy port. Obviously,
shutting down isn't an option for business reasons.


> If the customer is too stupid to even use a (personal) 
> firewall then it might be better not to use the internet.

I agree. However, that is not a serious option anymore. Fact is: Every
dummy and his grandma are using the Internet today. You won't be able
to change the fact, so we will all have to find ways to minimize
the damage.



Tom Vogt

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ