[179040] in North American Network Operators' Group
Re: Frontier: Blocking port 22 because of illegal files?
daemon@ATHENA.MIT.EDU (Jeff Richmond)
Thu Mar 26 10:31:11 2015
X-Original-To: nanog@nanog.org
From: Jeff Richmond <jeff.richmond@gmail.com>
In-Reply-To: <D1398B6B.FDE9E%jason_livingood@cable.comcast.com>
Date: Thu, 26 Mar 2015 07:28:57 -0700
To: "Livingood, Jason" <Jason_Livingood@cable.comcast.com>
Cc: "Aaron C. de Bruyn" <aaron@heyaaron.com>,
NANOG mailing list <nanog@nanog.org>
Errors-To: nanog-bounces@nanog.org
All, I have reached out to Aaron privately for details, but we do not =
block port 22 traffic unless it is in direct response to an attack or =
related item. Please let me know directly if you have any specific =
questions.
Thanks,
-Jeff
> On Mar 26, 2015, at 7:09 AM, Livingood, Jason =
<Jason_Livingood@cable.comcast.com> wrote:
>=20
> ISPs are generally expected to disclose any port blocking. A quick =
Google search shows this is Frontier=92s list:
> http://www.frontierhelp.com/faq.cfm?qstid=3D277
>=20
> On 3/25/15, 10:31 PM, "Aaron C. de Bruyn" =
<aaron@heyaaron.com<mailto:aaron@heyaaron.com>> wrote:
>=20
> I've had a handful of clients contact me over the last week with
> trouble using SCP (usually WinSCP) to manage their website content on
> my servers. Either they get timeout messages from WinSCP or a message
> saying they should switch to SFTP.
>=20
> After getting a few helpful users on the phone to run some quick
> tests, we found port 22 was blocked.
>=20
> When my customers contacted Frontier, they were told that port 22 was
> blocked because it is used to transfer illegal files.
>=20
> I called them, and got the same ridiculous excuse.
>=20
> Just a friendly heads-up to anyone from Frontier who might be
> listening, I have a few additional ports you may wish to block:
>=20
> 80 - Allows users to use Google to search for illegal files
> 443 - Allows users to use Google to search for illegal files in a =
secure manner
> 69 - Allows users to trivially transfer illegal files
> 3389 - Allows users to connect to unlicensed Windows machines
> 179 - Allows users to exchange routes to illegal file shares
> 53 - Allows people to look up illegal names
>=20
> -A
>=20
