[60463] in North American Network Operators' Group
Re: Port blocking last resort in fight against virus
daemon@ATHENA.MIT.EDU (Simon Lyall)
Tue Aug 12 18:16:36 2003
Date: Wed, 13 Aug 2003 10:15:44 +1200 (NZST)
From: Simon Lyall <simon.lyall@ihug.co.nz>
To: <nanog@merit.edu>
In-Reply-To: <Pine.GSO.4.44.0308121059360.7051-100000@clifden.donelan.com>
Errors-To: owner-nanog-outgoing@merit.edu
On Tue, 12 Aug 2003, Sean Donelan wrote:
> This is the first trade publication I've seen that's covered some
> of the issues with ISPs blocking or not blocking ports.
>
>
> Port blocking last resort in fight against virus
> Long term problems can be caused by port blocking
> by Paul Brislen and James Niccolai, Auckland and San Francisco
>
> http://computerworld.co.nz/webhome.nsf/UNID/BEC6DE12EC6AE16ECC256D8000192BF7!opendocument
>
> "While some end users are calling for ISPs to block certain ports relating
> to the Microsoft exploit as reported yesterday (Feared RPC worm starts to
> spread), most ISPs are reluctant to do so."
Just a note that my manager Anand Lal is quoted in the article, he's said
that the quotes attributed to him are not correct.
We have put some port 135 blocks in however, probably only for a short
amount of time.
I've been looking at out traffic graphs and trying to decide if traffic
really is down 10-15% over the last 24 hours or it's just my imagination.
--
Simon Lyall. | Newsmaster | Work: simon.lyall@ihug.co.nz
Senior Network/System Admin | Postmaster | Home: simon@darkmere.gen.nz
Ihug Ltd, Auckland, NZ | Asst Doorman | Web: http://www.darkmere.gen.nz
