[136781] in North American Network Operators' Group
Re: quietly....
daemon@ATHENA.MIT.EDU (Owen DeLong)
Fri Feb 4 21:09:50 2011
From: Owen DeLong <owen@delong.com>
In-Reply-To: <4D4CA73E.1030003@brightok.net>
Date: Fri, 4 Feb 2011 18:05:58 -0800
To: Jack Bates <jbates@brightok.net>
Cc: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Feb 4, 2011, at 5:26 PM, Jack Bates wrote:
> On 2/4/2011 6:27 PM, Owen DeLong wrote:
>>> Hell, even without CPE doing it, many residential ISPs (regardless =
of NAT) block inbound traffic to consumers.
>>> > =20
>> Really? And they have subscribers? Surprising.
>>=20
>=20
> Mark Andrews wrote:
>> I run machines all the time that don't have firewall to protect
>> them from the big wide world out there. I suspect we all do. Your
>> not behind a external firewall when you are at NANOG or IETF.
>> Everyone doesn't suddenly get "owned" because there isn't a external
>> firewall. Modern OS's default to secure.
>=20
> Yes, and some of you thanked us for blocking RPC in the ISP or in the =
cable modems. Many such blocks are still in place in many ISPs as there =
was no reason to ever remove them. TCP/25 outbound is often blocked in =
many locations as well. Just because you don't notice the firewall, =
doesn't mean it doesn't exist. We stay in business when you don't =
notice. :)
>=20
>=20
> Jack
True... If you review the NANOG archives you'll find that at least in =
the case
of the port 25 absurdity, I have noticed and have railed against it.
Owen
