How to secure the Internet in three easy steps
William Warren
hescominsoon at adelphia.net
Mon Oct 28 02:03:04 UTC 2002
actually with the merger of At&t and comcast most cable inet customers
will be through them.
Joseph Barnhart wrote:
> Not really
>
> On Sun, 27 Oct 2002, Matthew S. Hallacy wrote:
>
>
>>On Sun, Oct 27, 2002 at 02:35:23PM -0500, Eric M. Carroll wrote:
>>
>>>Sean,
>>>
>>>At Home's policy was that servers were administratively forbidden. It
>>>ran proactive port scans to detect them (which of course were subject to
>>>firewall ACLs) and actioned them under a complex and changing rule set.
>>>It frequently left enforcement to the local partner depending on
>>>contractual arrangements. It did not block ports. Non-transparent
>>>proxing was used for http - you could opt out if you knew how.
>>>
>>>While many DSL providers have taken up filtering port 25, the cable
>>>industry practice is mostly to leave ports alone. I know of one large
>>
>>Untrue, AT&T filters the following *on* the CPE:
>>
>>Ports / Direction / Protocol
>>
>>137-139 -> any Both UDP
>>any -> 137-139 Both UDP
>>137-139 -> any Both TCP
>>any -> 137-139 Both TCP
>>any -> 1080 Inbound TCP
>>any -> 1080 Inbound UDP
>>68 -> 67 Inbound UDP
>>67 -> 68 Inbound UDP
>>any -> 5000 Inbound TCP
>>any -> 1243 Inbound UDP
>>
>>And they block port 80 inbound TCP further out in their network. Overall,
>>cable providers more heavily than cable providers.
>>
>>I'd say that AT&T represents a fair amount of the people served via cable
>>internet.
>>
>>
>>>Regards,
>>>
>>>Eric Carroll
>>
>>--
>>Matthew S. Hallacy FUBAR, LART, BOFH Certified
>>http://www.poptix.net GPG public key 0x01938203
>>
>
>
>
>
> -------------------------
> Joseph Barnhart
> Florida Digital Turnpike
> Network Administrator
> http://www.fdt.net
> http://www.agilitybb.net
> -------------------------
>
>
>
>
>
>
--
May God Bless you and everything you touch.
My "foundation" verse:
Isiah 54:17 No weapon that is formed against thee shall prosper; and
every tongue that shall rise against thee in judgment thou shalt
condemn. This is the heritage of the servants of the LORD, and their
righteousness is of me, saith the LORD.
More information about the NANOG
mailing list