Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Port blocking last resort in fight against virus

  • From: Sean Donelan
  • Date: Tue Aug 12 22:45:05 2003

On Tue, 12 Aug 2003, Randy Bush wrote:
> > Is it just me that feels that blocking a port which is known to be used
> > to perform billions of scans is only proper?
>
> the second, and important part of the, question is whether there
> are legitimate packets to that port which want to cross your border.
> for 135, i am not aware of any that should cross my site's border
> un-tunneled.

Who should determine what protocols can cross your site's border router?
You or your ISP (ignoring the fact a lot of people on this list are their
own ISP)?

80% or more of customers wouldn't notice if you blocked everything on
their connection except HTTP/HTTPS and DNS.  So why do ISPs let all
the other infection laden protocols reach their customers?

Fix spam - block port 25
Fix Slammer - block port 1434
Fix Blaster - block port 135
Fix KaZaA - block everything

I think filters/firewalls are usefull.  I believe every computer should
have one.  I have several.  I just disagree on who should control the
filters.





Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.