TCP and UDP Port 0 - Should an ISP or ITP Block it?

K. Scott Helms kscott.helms at gmail.com
Tue Aug 25 11:27:33 UTC 2020


Douglas,

I think a fairly easy thing to do is see what other large retail ISPs have
done.  Comcast, as an example, lists all of the ports they block and 0 is
blocked.  I do recommend that port 0 be blocked by all of the ISPs I work
with and frankly Comcast's list is a pretty good one to use in general,
though you will get some pushback on things like SMTP.

https://www.xfinity.com/support/articles/list-of-blocked-ports

Transit providers are a little bit different, but then again port 0 is also
different since AFAIK it's never had a legitimate use case.  It's always
been a reserved port.  I'd personally block it if I ran a transit, but I'd
be more willing to open it up for one of my large customers (in a limited
way) than I would on the retail side.

https://www.iana.org/assignments/service-names-port-numbers/service-names-port-numbers.xhtml


Scott Helms



On Tue, Aug 25, 2020 at 7:16 AM Douglas Fischer <fischerdouglas at gmail.com>
wrote:

> I think that the subject of the e-mail is very self-explanatory.
>
> With some analysis of what is running over our network, ISP or ITP, we
> will be able to see some TCP/UDP(mostly UDP) packets with source or
> destination to port 0.
>
> I can think of a genuine use of it.
> (Maybe someone could help me see what I'm not seeing.)
>
> So I have two questions:
>
> a) Should an ISP block that kind of traffic?
> (like anti-spoofing on BNG/B-RAS)
>
> b) Should a Transit Provider block that kind of traffic?
>
>
> --
> Douglas Fernando Fischer
> Engº de Controle e Automação
>