Frontier: Blocking port 22 because of illegal files?

Eygene Ryabinkin rea+nanog at
Thu Mar 26 04:21:45 UTC 2015

Wed, Mar 25, 2015 at 07:31:35PM -0700, Aaron C. de Bruyn wrote:
> Just a friendly heads-up to anyone from Frontier who might be
> listening, I have a few additional ports you may wish to block:
> 80 - Allows users to use Google to search for illegal files
> 443 - Allows users to use Google to search for illegal files in a secure manner
> 69 - Allows users to trivially transfer illegal files
> 3389 - Allows users to connect to unlicensed Windows machines
> 179 - Allows users to exchange routes to illegal file shares
> 53 - Allows people to look up illegal names

Can't help to add that there are

 - port 21 that allow users to give commands to examine
   the existence and initiate transfers of illegal files;

 - ports 1025 - 65535 that allow users to create data streams
   to actually transfer illegal files in an (oh my) passive mode.

Eygene Ryabinkin, National Research Centre "Kurchatov Institute"

Always code as if the guy who ends up maintaining your code will be
a violent psychopath who knows where you live.

More information about the NANOG mailing list