zotob - blocking tcp/445

Gadi Evron ge at linuxbox.org
Tue Aug 16 05:35:03 UTC 2005


Randy Bush wrote:
>>>>I'm not nearly confident enough to decide on behalf of almost
>>>>a billion other people how they should benefit from the Internet
>>>>and how not to.
>>>
>>>thanks for that!
>>
>>Indeed.  Also see
>>http://www.iab.org/documents/docs/2003-10-18-edge-filters.html
> 
> 
> as i just replied to a private message from an enterprise op,
> 
>   o backbone isps can not set their customers' security policy
>     - some customers want to run billyware shares over the wan
>       whether we advise it or not
>     - some of us host security researchers, who have a taste
>       for 445 and other nasty traffic
> 
>   o enterprise / site ops can set their users' security policies
>     as that's part of their job and charter
> 
> randy
> 

I actually agree with you Chris and Steven. Point is though, that in a 
HUGE outbreak - sometimes you might even have to cause a self-DDoS and 
kill some of your services to parts of your networks or at all, to keep 
your net alive, not to mention secure.

As immediate critical measures, blocking tcp/445 might be an acceptable 
solution. Nobody is talking about censoring the Internet.

I believe that blocking port 445 is Good, just like I believe it will 
not get done by most and for Good reasons.

Every solution has its good applications - sometimes short-term, even 
Bad long term solutions. Thing is, how do they remain temporary rather 
than becoming perm.?

	Gadi.


