North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: What if it doesn't affect the ISP? (was Re: What do you wantyour ISP to block today?)

  • From: Christopher X. Candreva
  • Date: Sun Aug 31 10:51:53 2003

On Sun, 31 Aug 2003, Matthew Palmer wrote:

> dodgy behaviour (spoofed source addresses, for one).  Yes, port 135 is a
> known vector, and so is 4444 now, but they have their legitimate uses.  If

OK, here's an alternative viewpoint.

We're an ISP. I'm blocking 135 and the other netbios ports inbound on my
clients dial-up/dsl lines because if I didn't, the lines would be useless.

Client side firewalls are great, but by the time they can do anything the
traffic is already over the line. It doesn't take much traffic at all to
overload a dial-up, and every virus flare-up puts a noticeable impact on DSL
lines.

I'll unblock for a client that asks. The only one who asked, sheepishly
asked for it to be put back less than an hour later. They couldn't do
anything with the line.

It's all well and good to say how things 'should' be, but reality has a way
of not caring how things should be.


==========================================================
Chris Candreva  -- [email protected] -- (914) 967-7816
WestNet Internet Services of Westchester
http://www.westnet.com/