Frontier: Blocking port 22 because of illegal files?

Eygene Ryabinkin rea+nanog at grid.kiae.ru
Thu Mar 26 04:21:45 UTC 2015


Wed, Mar 25, 2015 at 07:31:35PM -0700, Aaron C. de Bruyn wrote:
> Just a friendly heads-up to anyone from Frontier who might be
> listening, I have a few additional ports you may wish to block:
> 
> 80 - Allows users to use Google to search for illegal files
> 443 - Allows users to use Google to search for illegal files in a secure manner
> 69 - Allows users to trivially transfer illegal files
> 3389 - Allows users to connect to unlicensed Windows machines
> 179 - Allows users to exchange routes to illegal file shares
> 53 - Allows people to look up illegal names

Can't help to add that there are

 - port 21 that allow users to give commands to examine
   the existence and initiate transfers of illegal files;

 - ports 1025 - 65535 that allow users to create data streams
   to actually transfer illegal files in an (oh my) passive mode.

;)
-- 
Eygene Ryabinkin, National Research Centre "Kurchatov Institute"

Always code as if the guy who ends up maintaining your code will be
a violent psychopath who knows where you live.


More information about the NANOG mailing list