[Dshield] ISP Responsibity...

Patrick St. Jean stjeanp at pat-st-jean.com
Sun Aug 21 14:04:03 GMT 2005


Mrcorp wrote:
> I dont know, as I read this thread, it worries me that some of you are actually in favor of an ISP
> shutting down ports as it feels it should.  To me that is not appropriate.  Once an ISP shuts
> down, lets say 445, the attackers will attack another port, lets say 25.  So the attackers move to
> terminal services, and that gets shut down.  Before we know it, all ports are closed and we can
> barely surf the Internet.  Shutting down ports is not an answer.  its reactive and completly self
> defeats the Internet.  I want to be able to port scan from my computer, for business reasons, I
> want to be able to terminal service out and so on.
> 
> If the some feel it is the right thing to do, perhaps an ISP could offer a special service, of all
> ports but 80 closed.  Maybe they could charge $5 more, and I bet it would be successful and many
> people would use it, because, for whatever reason, they could not set up a firewall ont heir end.

Please don't take this the wrong way, but it sounds like you want to 
have your cake and eat it too.  You're wanting a fat, wide open pipe 
that you can do whatever you want with without your ISP saying a thing. 
  But that's exactly what we don't need because it does create a host of 
problems with viruses (virii?), worms, script kiddies, etc.

So how about the alternative.  You pay more for that privilege so that 
the ISP can pay for the measures needed to make sure you don't abuse 
that extra access.

There's no reason why my sainted mother needs to be able to port scan to 
her heart's content.  I think she's more represenative of the real 
residential customer base.  It sounds like what you need is more of a 
business/professional grade product that gives you more access.

We've either got to trade freedom for security (and yes, I know the 
quote) or deal with the crap that keeping everything wide open makes 
possible.

Pat

-- 
Pat in Lewisville            K0OOK                  '97 XLH 883 (Rocinante)
BS#140                                                  EKIII rides with me
http://www.pat-st-jean.com/                       http://www.bikerscum.org/



More information about the list mailing list