ISP port blocking practice

Robert E. Seastrom rs at seastrom.com
Wed Sep 8 19:52:27 UTC 2010


Owen DeLong <owen at delong.com> writes:

>> I know people at large ISPs with actual data.  Port 25 blocking is
>> quite effective.
>
> Does the data show that blocking was effective, as in the host
> didn't detect the block and proceed around it, or, merely that lots
> of hosts try the direct approach first?

Only a single data point and a few years old, but when I was at
Inter.Net, my personal cell phone number was in the OrgTechContact for
our blocks, we blocked port 25, and my cell phone rang like three
times in a period of three years for calls regarding our netblocks.
One was for "why is this machine scanning me?", two were "why is DNS
geodata broken?".  The latter two came within days of each other so
I'm thinking news story or something.  No spam complaints.

YMMV, I'd do it again in a heartbeat though if I were running consumer
edge.

-r






More information about the NANOG mailing list