nanog mailing list archives
Re: ISPs are asked to block yet another port
From: jlewis () lewis org
Date: Mon, 23 Jun 2003 14:16:10 -0400 (EDT)
On 23 Jun 2003, Paul Vixie wrote:
3) thoughtless reactionism at isp's does little good and sometimes some harm. take for example port-25 blocking. i've been getting relayprobed all weekend by someone who gets around outbound at&t's tcp/25 SYN blocking by sending their SYN's through a provider who shall remain nameless
...
so if you're going to block tcp/25 SYNs on outbound, please make sure you block SYN/ACK's on input too, or else you just give the spammers a little more work to do instead of a lot more work to do.
We used to provide dial-up ports to a large cut-rate dial provider who I'm not going to name. Their reaction to such games was to send in their radius auth packets data filters to block both outgoing to port 25 and incoming from port 25. There's nothing silly about restricting use of tcp/25 for dial-ups and other dynamics...you just have to do it right to be 100% effective. ---------------------------------------------------------------------- Jon Lewis *jlewis () lewis org*| I route System Administrator | therefore you are Atlantic Net | _________ http://www.lewis.org/~jlewis/pgp for PGP public key_________
Current thread:
- ISPs are asked to block yet another port Sean Donelan (Jun 22)
- Re: ISPs are asked to block yet another port Tony Rall (Jun 22)
- Re: ISPs are asked to block yet another port Jeff Kell (Jun 23)
- Re: ISPs are asked to block yet another port Peter E. Fry (Jun 23)
- Re: ISPs are asked to block yet another port Christopher L. Morrow (Jun 23)
- Re: ISPs are asked to block yet another port Jared Mauch (Jun 23)
- Re: ISPs are asked to block yet another port Paul Vixie (Jun 23)
- Re: ISPs are asked to block yet another port jlewis (Jun 23)
- Re: ISPs are asked to block yet another port Christopher L. Morrow (Jun 23)
- Re: ISPs are asked to block yet another port Jack Bates (Jun 23)
- Re: ISPs are asked to block yet another port Paul Vixie (Jun 23)
- Re: ISPs are asked to block yet another port Paul Vixie (Jun 23)
- Re: ISPs are asked to block yet another port Christopher L. Morrow (Jun 23)
- Re: ISPs are asked to block yet another port Christopher L. Morrow (Jun 23)
- <Possible follow-ups>
- RE: ISPs are asked to block yet another port Christopher L. Morrow (Jun 23)
- Re: ISPs are asked to block yet another port Paul Vixie (Jun 24)
- Re: ISPs are asked to block yet another port Christopher L. Morrow (Jun 24)
- Re: ISPs are asked to block yet another port Paul Vixie (Jun 24)