North American Network Operators Group
Re: Port blocking last resort in fight against virus
- From: Joe Provo
- Date: Thu Aug 14 16:30:14 2003
On Tue, Aug 12, 2003 at 12:11:48PM -0500, John Palmer wrote:
> Yes, some providers however react improperly to certain situations
> and do not listen to their paying customers.
> RCN in Chicago is one example. One day, they just started blocking
> outbound port 25 on their network. Now, I use other SMTP servers
> other than the RCN one. In my case, they're my servers and all I
> have to do is set up my SMTP to listen on an additional port. For
> others, they aren't so lucky and may have a legitimate gripe with
> them for censoring traffic.
If I recall correctly, that was a reaction to abuse, which was
done network wide for the basic class of residential customers.
Enforcement of a 'no servers' clause for HTTP is also common
among broadband providers.
But to get back on topic...
> In the case of 135-139, no one who uses these ports legitimately
> should have a need to use them "in the wild" unless in a tunnel.
Yup. Back in the day good old Windows 3.1 had access control
problems and tried to share information in classful broadcast
boundaries. Blocking these netb* ports was effective across-
the-board protection and anyone who called with an issue got
educated and fixed. This is all about the edges, and frankly
even with all messages regarding "The Backbone", I can't think
about any "backbone" who isn't an edge. Everyone should police
their edges for their own customers' sake, and be willing to
help customers' policing efforts when asked.
Seems there's an undercurrent of willful ignorance that
perpetuates all sorts of abuse. Once upon a time we studied
for what purpose our networks were used, and were able to
optimize for the traffic that was in demand, making customers
happy. There just happened to be a side effect of squashing
badness that was purposeful along with that which was just
'brokenness'. Perhaps if we were all paying more attention
to what purposes the networks were being used, even if it is
because of brokenness this time, we'd wind up optimizing and
making customers happy?
I'm all for the invisible system administrator and the
transparent network, but there is a business case for visible
differentiation, giving the customers a reason to stay. It
is nice when that differentiation isn't based on marketing
glossies and run-from-chapter-11 fire sale pricing but the
actual (technical) product.
RSUC / GweepNet / Spunk / FnB / Usenix / SAGE