Home page logo
/

nanog logo nanog mailing list archives

Re: Port blocking last resort in fight against virus
From: "Christopher L. Morrow" <chris () UU NET>
Date: Tue, 12 Aug 2003 21:36:02 +0000 (GMT)



On Tue, 12 Aug 2003, Jack Bates wrote:


Sean Donelan wrote:

http://computerworld.co.nz/webhome.nsf/UNID/BEC6DE12EC6AE16ECC256D8000192BF7!opendocument

"While some end users are calling for ISPs to block certain ports relating
to the Microsoft exploit as reported yesterday (Feared RPC worm starts to
spread), most ISPs are reluctant to do so."


Is it just me that feels that blocking a port which is known to be used
to perform billions of scans is only proper? It takes time to contact,

and you are willing to open holes across your network for every tom, dick
or sally that wants to share files with their pal across town? (or off
your network)

If people want to use the network they need to take the responsibility and
patch their systems. Blocking should really only be considered in very
extreme circumstances when your network is being affected by the problem,
or if the overall threat is such that a short term network-wide block
would help get over the hump.


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault