[mail_lists] Re: [Dshield] Re: [Full-Disclosure] Port Blocking
jconner at enterit.com
Sun Jun 29 08:57:33 GMT 2003
On Friday 27 June 2003 19:36, you wrote:
Some ISP's are taking things too far, imo. Up until this week, ports 21, 80,
and 25 were blocked. I could live with my ISP blocking those ports as they
are abused by some people. Now, here's the stinker! My ISP just started
blocking ALL incoming ports. Every one is blocked! I can't even ssh to my
machine anymore. I can't scp files between my machines and other remote
machines that I work on remotely. This is starting to tick me off! That is
just uncalled for in my opinion. I could get more service out of dialup back
in the day! ISPs are going too far, imo. I pay to get service TO and FROM
my machine. I don't abuse that ability as some do.
Im calling my ISP this week. Anyone else with SBC having the same problems?
| The ISP should just block the ports. If people (business and residential)
| need to run web, mail, p2p, mirc, crap, etc. then they should sign legal
| binding agreements, in the usa anyway, to be held legally and financially
| accountable for there actions.. or lack there of. The ISP could then
| throttle the pricing structure for us smaller ISP's to pass on a savings to
| our business customers.
| It's not a hard concept. Blocking ports is done every second of every day
| and usually at the boarder routers. ( the one that directly interfaces
| with the ISP )
| People don't own the internet - it's a shared world resource that requires
| shared world control. There is no way that all the countries would agree
| upon the philosophy of having the end user control there computers.. just
| won't happen. A sure and sufficient solution, imho, is to block the ports.
| A lot of ISP's, in the usa anyway, have and are continuing to block smtp
| port 25 for non business paying entities. Most sys admins block ports to
| help protect there corporate environments.
| I think this topic is over-stressed.. it's a non issue. All respondent
| parties have great arguments either way - but without some type of control
| the internet is designed to fail.
| ----- Original Message -----
| From: "Bjorn Stromberg" <bjorn at thechemistrylab.com>
| To: "General DShield Discussion List" <list at dshield.org>
| Sent: Friday, June 27, 2003 2:39 PM
| Subject: Re: [Dshield] Re: [Full-Disclosure] Port Blocking
| > "hire a sysadmin to secure their connection or become sufficiently
| > trained to do it themselves"
| > You say that like it takes some sort of awe-inspiring feat to increase
| > the baseline security of a system. Running Windows Update a couple times,
| > disabling NetBIOS over tcp/ip and Windows File and Print Sharing. These
| > things should be REQUIRED to have your cable or DSL modem set up.
| > It's up to the ISPs to be more responsive and responsible for the
| > on their network. Reports like those coming from DShield should be acted
| > You shouldn't have to pull teeth to get a misconfigured, infected,
| > spamming machine unplugged and fixed.
| > This is a case where it will require some actual work to do things the
| > way. Let's not take the easy way out and just block ports.
| > Bjorn Stromberg
| > Mid-Continent Testing Laboratories, Inc.
| > http://www.TheChemistryLab.com/
| > _______________________________________________
| > list mailing list
| > list at dshield.org
| > To change your subscription options (or unsubscribe), see:
| > ___________________________________________________________________
| > Virus Scanned and Filtered by http://www.FamHost.com E-Mail System.
| Virus Scanned and Filtered by http://www.FamHost.com E-Mail System.
| list mailing list
| list at dshield.org
| To change your subscription options (or unsubscribe), see:
More information about the list