[Dshield] paper about port blocking

wbeckham wbeckham at yahoo.com
Wed Sep 3 20:50:10 GMT 2003

I've lost the original link to this article - could someone resend it?

- Wayne

-----Original Message-----
From: list-bounces at dshield.org [mailto:list-bounces at dshield.org] On Behalf
Of Rick Leske
Sent: Wednesday, September 03, 2003 1:41 PM
To: General DShield Discussion List
Subject: RE: [Dshield] paper about port blocking

I'm all for it.. block all the ports for consumer class except those
necessary for 99.999999% of the population.. ie: 80, 20-21, 25, 53, 110,
443, etc..

The majority, if not all of the hack attacks, spam, pornography, etc..
banging against our core routers..  comes from hs home users whom should
not, and probably do not, have the education level to protect there data
and/or systems.  Why should home owners be forced to buy hardware
firewalls.. or even a software firewall solution just to stop some scumbag
hacker or spammer?

I truly wish/hope/pray that the IANA would declassify/reclassify porno,
wazoo, kazoo, or whatever other type of shielded 1st Amendment garbage, into
there own private ipv666 class... give me a choice of what "channel to use"
and I'd gladly pay double the monthly fee.



> -----Original Message-----
> From: list-bounces at dshield.org [mailto:list-bounces at dshield.org]On
> Behalf Of Jonathan Rickman
> Sent: Wednesday, September 03, 2003 3:13 PM - FamHost
> To: General DShield Discussion List
> Subject: Re: [Dshield] paper about port blocking
> On Tuesday 02 September 2003 21:53, Johannes Ullrich wrote:
> > I "polished" some of my arguments about blocking ports at consumer 
> > ISPs and put together a paper for the SANS reading room. If anybody 
> > is interested:
> I have a problem with this approach at a fundamental level. I pay my 
> ISP for a connection to the Internet, not the WWW. It is not their 
> place to determine how I use that connection (AUPs not withstanding). 
> Draconian measures such as those you are advocating would leave us 
> with nothing more
> than a watered down version of the present Internet. If I wanted
> that, I'd
> use AOL.

Virus Scanned and Filtered by http://www.FamHost.com E-Mail System.

list mailing list
list at dshield.org
To change your subscription options (or unsubscribe), see:

More information about the list mailing list