[61715] in North American Network Operators' Group
Re: What do you want your ISP to block today?
daemon@ATHENA.MIT.EDU (Johannes Ullrich)
Wed Sep 3 15:53:38 2003
From: Johannes Ullrich <jullrich@euclidian.com>
Reply-To: jullrich@euclidian.com
To: Vinny Abello <vinny@tellurian.com>
Cc: Sean Donelan <sean@donelan.com>, nanog@merit.edu
In-Reply-To: <6.0.0.20.0.20030903150202.041a5e40@mail1.tellurian.com>
Date: Wed, 03 Sep 2003 15:25:44 -0400
Errors-To: owner-nanog-outgoing@merit.edu
> Even on Windows they can be used in a much safer fashion (although I would
> never attempt it for any of my stuff). It is possible to use IPSec policies
> on 2000 and higher to encrypt all traffic on specified ports to specified
> hosts/networks and block all other traffic. I bet some people are using
> this to join remote locations securely to each other for Windows networking
> with these ports and IPSec policies.
If you explain the difference between "IPSec", "The Web" to
an end user, and can convince them that they have "enough
Pentium" for it, you win and don't have to block the ports.
> There are 10 kinds of people in the world. Those who understand binary
> and those that don't.
ISPs should either block the mentioned ports, or send out bills in
binary.
--
--------------------------------------------------------------
Johannes Ullrich jullrich@euclidian.com
pgp key: http://johannes.homepc.org/PGPKEYS
--------------------------------------------------------------
"We regret to inform you that we do not enable any of the
security functions within the routers that we install."
support@covad.net
--------------------------------------------------------------
