Filter NTP traffic by packet size?

Keegan Holley no.spam at comcast.net
Fri Feb 28 01:42:44 UTC 2014



On Feb 26, 2014, at 12:44 PM, Brandon Galbraith <brandon.galbraith at gmail.com> wrote:

> On Wed, Feb 26, 2014 at 6:56 AM, Keegan Holley <no.spam at comcast.net> wrote:
> > More politely stated, it’s not the responsibility of the operator to decide what belongs on the network and what doesn’t.  Users can run any service that’s not illegal or even reuse ports for other applications.  That being said, commonly exploited ports (TCP 25 for example) are often blocked.  This is usually done to block or protect an application though, not to single out a particular port number.
> 
> Don't most residential ISPs already block port 25 outbound? http://www.postcastserver.com/help/Port_25_Blocking.aspx
> 
> Blocking chargen at the edge doesn't seem to be outside of the realm of possibilities.

As I said, SMTP is blocked because it’s the default port for a commonly run and often misconfigured application.  Blocking the chargen port is definitely reasonable, but it’s not a popular application.  Most people use the port as a clever non-default port for some other service like ssh.



