[83486] in North American Network Operators' Group
Re: zotob - blocking tcp/445
daemon@ATHENA.MIT.EDU (Gadi Evron)
Tue Aug 16 15:07:15 2005
Date: Tue, 16 Aug 2005 22:02:43 +0200
From: Gadi Evron <ge@linuxbox.org>
To: Randy Bush <randy@psg.com>
Cc: Joe Maimon <jmaimon@ttec.com>,
"Christopher L. Morrow" <christopher.morrow@mci.com>,
"surfer@mauigateway.com" <surfer@resalehost.networksolutions.com>,
nanog list <nanog@merit.edu>
In-Reply-To: <17154.13994.341636.37929@roam.psg.com>
Errors-To: owner-nanog@merit.edu
Randy Bush wrote:
>>Surely we realize that this discussion is not concerning the oft
>>repeated "Internet's Firewall" debate.
>>Its about containing a potential worm/virus outbreak. Call it a network
>>wide quarantine.
>
>
> surely you realize that this discussion is not about civil rights
> and the constitution, but about combatting terrorists.
To a level, it is.
Is combating terrorists bad? No one here would say no. Then it starts
getting complicated when you discuss the HOW.
Over-protecting by first saying "no" because you fear potential "how's"
is silly.
Fearing the HOW itself is legitimate.
Not every block is a censor, m'kay? Some censors are good - do you want
to see kiddie porn on TV? Let us not make this a freedom of speech
argument and go back to network issues.
You have say, 35K clients who will get infected in the next 2 days if
you don't block port 445. Are you going to block it or are you going to
let them get infected and infect others?
That or I am missing something.
Gadi.
