What if it doesn't affect the ISP? (was Re: What do you want your ISP to block today?)

Christopher X. Candreva chris at westnet.com
Sun Aug 31 14:46:10 UTC 2003


On Sun, 31 Aug 2003, Matthew Palmer wrote:

> dodgy behaviour (spoofed source addresses, for one).  Yes, port 135 is a
> known vector, and so is 4444 now, but they have their legitimate uses.  If

OK, here's an alternative viewpoint.

We're an ISP. I'm blocking 135 and the other NetBIOS ports inbound on my
clients' dial-up/DSL lines because if I didn't, the lines would be useless.

Client-side firewalls are great, but by the time they can do anything the
traffic is already over the line. It doesn't take much traffic at all to
overload a dial-up, and every virus flare-up puts a noticeable impact on DSL
lines.

I'll unblock for a client that asks. The only one who asked sheepishly
asked for it to be put back less than an hour later. They couldn't do
anything with the line.

It's all well and good to say how things 'should' be, but reality has a way
of not caring how things should be.


==========================================================
Chris Candreva  -- chris at westnet.com -- (914) 967-7816
WestNet Internet Services of Westchester
http://www.westnet.com/


