[Dshield] should ISPs close ports (was: Windows Messenger Popup Spam on UDP Port 1026)

Mark Tombaugh mtombaugh at alliedcc.com
Mon Jun 23 15:41:11 GMT 2003


The problem with all this stuff is the definition of the border. The border, whether it's at the co-lo or a commercial IP, is the public IP(s) that is/are assigned by the ISP. The border is not the ISP's gateway. As soon as an ISP starts to filter any ports at their gateway, they no longer offer Internet access to any of the filtered IPs, and essentially nullify all of their contracts with their IP subscribers.
 
If ISPs want to filter at their gateways, they need to make this absolutely clear to all of their clients, and they should not be allowed to market "Internet Access".
 
Filtering a single port, or a group of them, to permanently address a problem is still just a workaround. It's like building a door in a desert without a wall. Someone can easily go around it. That being said, ISPs that filter 1 port will naturally filter more over time, making the Internet a really frustrating place to work & play.
 
Every port, TCP, UDP, whatever, is used for valid purposes. None of them should be discarded because of a single vendor or service causing a pile of problems (cough MS).
 
IMO, the suck of worms & spam does not outweigh the kickass of freedom. Let's keep it that way by working to eliminate the worms & spam & such, not by working to eliminate the freedom.
 
::ducks and runs for cover:: 
 



