TCP and UDP Port 0 - Should an ISP or ITP Block it?

William Herrin bill at herrin.us
Tue Aug 25 15:19:40 UTC 2020


On Tue, Aug 25, 2020 at 4:15 AM Douglas Fischer
<fischerdouglas at gmail.com> wrote:
> a) Should an ISP block that kind of traffic?

Hi Douglas,

Generally speaking, the answer is NO. You should not presume that your
understanding of your customers' data traffic is sufficiently complete
or correct to make blocking decisions for them.

There are some major exceptions to this rule:

1. If your customer has directed you to apply your expertise and make
blocking decisions for you.

2. For commodity dynamic-IP (residential) accounts only, there is a
small set of "attractive nuisance" ports which it's reasonable to
exclude from your service offering. Generally email server to server
(port 25) and the historically poorly secured MS Windows LAN ports
(135-139, 445, and 1900). It's fair to tell these customers that (A)
they don't want to use those ports and (B) if they do want to use
those ports, buy the SOHO offering.

3. For low-dollar virtual server products it's not unreasonable to
block the same ports by default and for the same reasons, as long as
you're prepared to promptly remove the blocks upon request.


> b) Should a Transit Provider block that kind of traffic?

Preemptively? Never. If I found my business transit provider was doing
this, I'd treat it as a breach of contract.


As for port 0 specifically, it doesn't really fit the attractive
nuisance mold. It's about as harmless (or harmful) as any random TCP
port. It doesn't particularly have a history of doing harm.

Regards,
Bill Herrin



-- 
William Herrin
bill at herrin.us
https://bill.herrin.us/


