[179041] in North American Network Operators' Group
Re: Frontier: Blocking port 22 because of illegal files?
daemon@ATHENA.MIT.EDU (Daniel Corbe)
Thu Mar 26 10:35:28 2015
X-Original-To: nanog@nanog.org
From: Daniel Corbe <corbe@corbe.net>
To: "Livingood\, Jason" <Jason_Livingood@cable.comcast.com>
Date: Thu, 26 Mar 2015 10:32:31 -0400
In-Reply-To: <D1398B6B.FDE9E%jason_livingood@cable.comcast.com> (Jason
Livingood's message of "Thu, 26 Mar 2015 14:09:52 +0000")
Cc: "Aaron C. de Bruyn" <aaron@heyaaron.com>,
NANOG mailing list <nanog@nanog.org>
Errors-To: nanog-bounces@nanog.org
Nothing helps promote a free and open Internet more than micromanaging
your users' download activity.=20=20
Not really sure how someone comes to the conclusion that nobody really
*needs* ssh for anything.
"Livingood, Jason" <Jason_Livingood@cable.comcast.com> writes:
> ISPs are generally expected to disclose any port blocking. A quick Google=
search shows this is Frontier=E2=80=99s list:
> http://www.frontierhelp.com/faq.cfm?qstid=3D277
>
> On 3/25/15, 10:31 PM, "Aaron C. de Bruyn" <aaron@heyaaron.com<mailto:aaro=
n@heyaaron.com>> wrote:
>
> I've had a handful of clients contact me over the last week with
> trouble using SCP (usually WinSCP) to manage their website content on
> my servers. Either they get timeout messages from WinSCP or a message
> saying they should switch to SFTP.
>
> After getting a few helpful users on the phone to run some quick
> tests, we found port 22 was blocked.
>
> When my customers contacted Frontier, they were told that port 22 was
> blocked because it is used to transfer illegal files.
>
> I called them, and got the same ridiculous excuse.
>
> Just a friendly heads-up to anyone from Frontier who might be
> listening, I have a few additional ports you may wish to block:
>
> 80 - Allows users to use Google to search for illegal files
> 443 - Allows users to use Google to search for illegal files in a secure =
manner
> 69 - Allows users to trivially transfer illegal files
> 3389 - Allows users to connect to unlicensed Windows machines
> 179 - Allows users to exchange routes to illegal file shares
> 53 - Allows people to look up illegal names
>
> -A
