[83513] in North American Network Operators' Group


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: zotob - blocking tcp/445

daemon@ATHENA.MIT.EDU (Petri Helenius)
Wed Aug 17 11:56:57 2005

Date: Wed, 17 Aug 2005 18:56:21 +0300
From: Petri Helenius <pete@he.iki.fi>
To: Daniel Senie <dts@senie.com>
Cc: William Warren <hescominsoon@emmanuelcomputerconsulting.com>,
	nanog@merit.edu
In-Reply-To: <6.2.3.4.2.20050817114250.07c0abd0@mail.amaranth.net>
Errors-To: owner-nanog@merit.edu


Daniel Senie wrote:

>
> One of the dangers is more and more stuff is being shoved over a 
> limited set of ports. There are VPNs being built over SSL and HTTP to 
> help bypass firewall rule restrictions. At some point we end up with 
> another protocol demux layer, and a non-standard one at that if we 
> push more and more restrictive filters out there. This in the long run 
> is going to cause many problems.

Isn't SSL VPN exactly another protocol demux layer, though it might be a 
standard one?

Pete


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[83513] in North American Network Operators' Group

Re: zotob - blocking tcp/445

daemon@ATHENA.MIT.EDU (Petri Helenius)Wed Aug 17 11:56:57 2005

daemon@ATHENA.MIT.EDU (Petri Helenius)
Wed Aug 17 11:56:57 2005