[61709] in North American Network Operators' Group
Re: What do you want your ISP to block today?
daemon@ATHENA.MIT.EDU (William Devine, II)
Wed Sep 3 15:32:43 2003
From: "William Devine, II" <william@smartguys.net>
To: <nanog@merit.edu>
Date: Wed, 3 Sep 2003 14:14:59 -0500
I would think that any company that outsourced exchange services to another
entity would want either a VPN between their two offices or a direct PtP
link.
But I also know that the most logical method is not always understandable to
the pointy haired people.
william
----- Original Message -----
From: "Sean Donelan" <sean@donelan.com>
To: "Johannes Ullrich" <jullrich@euclidian.com>
Cc: <nanog@merit.edu>
Sent: Wednesday, September 03, 2003 1:51 PM
Subject: Re: What do you want your ISP to block today?
>
> On Wed, 3 Sep 2003, Johannes Ullrich wrote:
> > I just summarized my thoughts on this topic here:
> > http://www.sans.org/rr/special/isp_blocking.php
> >
> > Overall: I think there are some ports (135, 137, 139, 445),
> > a consumer ISP should block as close to the customer as
> > they can.
>
> If ISPs had blocked port 119, Sobig could not have been distributed
> via USENET.
>
>
> Perhaps unbelievably to people on this mailing list, many people
> legitimately use 135, 137, 139 and 445 over the open Internet
> every day. Which protocols do you think are used more on today's
> Internet? SSH or NETBIOS?
>
> Some businesses have created an entire industry of outsourcing Exchange
> service which needs all their customers to be able to use those ports.
>
> http://www.mailstreet.net/MS/urgent.asp
>
> http://dmoz.org/Computers/Software/Groupware/Microsoft_Exchange/
>
> If done properly, those ports are no more or less "dangerous" than
> any other 16-bit port number used for TCP or UDP protocol headers.
>
>
> But we need to be careful not to make the mistake that just because
> we don't use those ports that the protocols aren't useful to other
> people.