Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: HTTP proxies, was Re: Operational Issues with 69.0.0.0/8...

  • From: Sean Donelan
  • Date: Fri Dec 06 15:30:52 2002

On Fri, 6 Dec 2002, Rob Thomas wrote:
> ] We now get to embark on another Five Year Plan to shut down
> ] open HTTP proxies.
>
> Indeed.  The number of open (and openly abused) proxies in my hacked
> device database, just from this year, is 21255.  That's just my own,
> small view of the problem.  Imagine the total number.  :/  Watch out
> for those TCP 1080, 3128, and 8080 flows.

And don't forget about the biggest of them all, open BIND proxies.  After
port 80, port 53 goes through almost as much.  A lot of times you don't
need to hack anything, software comes with relay/proxy/recursion enabled.
How do we get software vendors (free, pay, virus) to distribute software
with appropriate defaults?

We blocked port 25, and the spammers used other ports. Should we block IP
protocols 0-255, and ports 0-65535?  Should we move to the cable TV model,
you can watch only what we decide you can watch?  Users should be
receive-only?







Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.