[Dshield] should ISPs close ports (was: Windows Messenger Popup Spam on UDP Port 1026)
mtombaugh at alliedcc.com
Mon Jun 23 15:41:11 GMT 2003
The problem with all this stuff is the definition
of the border. The border,
whether its at the co-lo or a commercial IP, is
the public IP(s) that is/are
assigned by the ISP. The border is not the ISPs
gateway. As soon as an ISP
starts to filter any ports at their gateway, they
no longer offer Internet
access to any of the filtered IPs, and essentially
nullify all of their
contracts with their IP subscribers.
If ISPs want to filter at their gateways, they
need to make this absolutely
clear to all of their clients, and they should not
be allowed to market
Filtering a single port, or a group of them, to
permanently address a problem
is still just a workaround. Its like building a
door in a desert without a
wall. Someone can easily go around it. That being
said, ISPs that filter 1
port, will naturally filter more over time, making
the Internet a really
frustrating place to work & play.
Every port, TCP, UDP, whatever, is used for valid
purposes. None of them
should be discarded because of a single vendor or
service causing a pile of
problems (cough MS).
IMO, the suck of worms & spam does not outweigh
the kickass of freedom.
Lets keep it that way by working to eliminate the
worms & spam & such, not by
working to eliminate the freedom.
::ducks and runs for cover::
More information about the list