[83478] in North American Network Operators' Group


Re: zotob - blocking tcp/445

daemon@ATHENA.MIT.EDU (Christopher L. Morrow)
Tue Aug 16 10:21:37 2005

Date: Tue, 16 Aug 2005 14:20:35 +0000 (GMT)
From: "Christopher L. Morrow" <christopher.morrow@mci.com>
In-reply-to: <4301C660.4050807@ttec.com>
To: Joe Maimon <jmaimon@ttec.com>
Cc: "surfer@mauigateway.com" <surfer@resalehost.networksolutions.com>,
	Gadi Evron <ge@linuxbox.org>, nanog list <nanog@merit.edu>
Errors-To: owner-nanog@merit.edu



On Tue, 16 Aug 2005, Joe Maimon wrote:

>
>
> Christopher L. Morrow wrote:
> >
> > On Mon, 15 Aug 2005, surfer@mauigateway.com wrote:
> >
> >
> >>
> >>NetBIOS was never meant to be a WAN protocol, so no problem
> >>in blocking it.
> >
> >
> > rule #1: do not be the Internet's Firewall
> > rule #2: see rule #1
> >
> Surely we realize that this discussion is not concerning the oft
> repeated "Internet's Firewall" debate.
>
>
> This is network self preservation. Otherwise the garbage will eventually
> suffocate us all.

and again I point to the above rules. What your network can't handle
'scanning wise' is completely different from what the network I work on
can handle.

If your network is being jeopardized by some level of scanning then fix
that, but that is a local decision. Blindly stating "large ISPs filter
port X" is just disingenuous, there are certainly cases as exceptions,
most of which end with the ISP in question saying: "Wow that was a lot
more painful than we thought originally:("
