North American Network Operators Group|
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
RE: zotob - blocking tcp/445
- From: Erik Amundson
- Date: Tue Aug 16 02:58:31 2005
I've always been kind of conflicted with this issue. I mean, providers
blocking traffic at all.
On the one hand, I'm a corporate customer, and if I'm being DOSed or
infected, I would want to be able to call my ISP and have it blocked.
On the other hand, I truly feel that I pay my ISPs to pass traffic, not
I guess it only bugs me when something is blocked and I didn't even ask
for it to be blocked...and then other stupid things are seeping through,
but are not blocked even when I ask!
If ISPs really wanted to make the Internet better for Corporate America,
I guess they'd unplug most of Asia...not block a port here and there
(but that isn't exactly acceptable).
Anways, like I said, I'm conflicted...I change my mind every now and
then because both arguments make logical sense.
From: firstname.lastname@example.org [mailto:email@example.com] On Behalf Of
Sent: Tuesday, August 16, 2005 12:58 AM
To: Christopher L. Morrow
Subject: Re: zotob - blocking tcp/445
> Do not become the internet firewall for your large customer base...
> it's bad.
Okay, so please allow me to alter the argument a bit.
Say we agreed on:
1. Security is THEIR (customers') problems, not yours.
2. You are not the Internet's firewall.
That would mean you would still care about:
1. You being able to provide service.
2. Your own network being secure (?)
In a big outbreak, not for the WHOLE Internet, I'd use whatever I can.
It can easily become an issue of my network staying alive.
Blocking that one port then might be a viable solution to get a handle
on things and calm things down.
Naturally though you are right again, it is a case-by-case issue and can
not be discussed in generalities.