[Dshield] Re: [Full-Disclosure] Windows Messenger Popup SpamonUDP Port 1026
security at admin.fulgan.com
Thu Jun 26 09:09:15 GMT 2003
I think that everyone in this discussion (including me) has failed to
bring up an important point: not all users are equals.
I am sitting behind my corporate firewall, tightly loaded with
security features and filters that allows me (and my coworkers) to
enjoy usage of Internet without much of it's hassle. Yes, some things
still get through but that's way less than what I'd have without that
At home, I have a DSL router configured to do NAT and that includes a
crude but effective firewalling feature. That means I can also be
relatively sure that I'm blocking most of the net's nastiness. Same
goes for all the friends and family member who have asked me to take
care of their connection to Internet.
Now, this means that I'm not in need of my provider blocking any ports
in or out: I can do that myself. But this isn't the norm, as far as I
can tell: many people, including all of these that needs to "disable
the messenger service" are not as well protected as I am. These are
the ones that need to be protected.
So why not apply to port blocking what was sucessfuly applied to other
area of computing: by default, have the ISP block dangerous ports and
allow them to disable this feature. It even shouldn't be that complex:
my ISP has a similar way of handling transparent web cache: it's
enabled by default but you can go to your account's web page and for
it to be disabled.
I would think of it as an acceptable solution and I think many of you
would too (fee free to disagree, of course).
Another option is simply to have different contracts for "home users"
and for "experts and business".
RL> Point being that the 'internet' is not a safe or adequately regulated
RL> environment. One can not assume that "Seat Belts" save lives - facts have
RL> proven they do.. just as with blocking ports save corporations trillions of
More information about the list