North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: Providers removing blocks on port 135?
> However, I'm not convinced blocking port 25 on > dialups helps much with that. What it does > help with is preventing them from connecting to > open relays. We don't stop our dial customers from getting *to* anything. What we do have though are (optional) *inbound* filters that make sure no-one can connect to their privileged ports over TCP/IP, and a mandatory filter that says only our network can deliver to their SMTP service. We don't get problems with open-relays on dialups. We didn't have any problems with MS-Blaster on dialups either... I'm considering adding privileged port filters for UDP/IP too, although again it would be optional so that customers who run their own UDP/IP services can get their responses (i.e. cacheing DNS, IKE, NTP, etc). Ray
|