nanog mailing list archives
Re: Even you can be hacked
From: "Stephen J. Wilcox" <steve () telecomplete co uk>
Date: Fri, 11 Jun 2004 22:52:18 +0100 (BST)
Henry, from the email address I'm assuming youre not trolling and are therefore missing a few facts, IP!=IPX, that is.. ports arent in the routing table It is not the ports below that cause the security issues, it is the applications which are using them, you need to either fix the apps or take the apps off the Internet Nobody owns ports, they are arbitrary, some may get given a special purpose by the IANA but theres nothing to say they -have- to use those numbers.. therefore you cannot get a list of them.. and if they're dynamic or private (if I understand what you mean) then by defintion they arent static and cant be documented? Steve On Fri, 11 Jun 2004, Henry Linneweh wrote:
Here are a list of very active ports that attempt to hack into peoples systesm from various parts of the world China in particular. I think unassigned ports should be dropped from routing tables unless they are registered with the host and or providers as to their legitimate use.... smpnameres 901/tcp SMPNAMERES smpnameres 901/udp SMPNAMERES blackjack 1025/tcp network blackjack blackjack 1025/udp network blackjack cap 1026/tcp Calender Access Protocol cap 1026/udp Calender Access Protocol exosee 1027/tcp ExoSee exosee 1027/udp ExoSee # 1124-1154 Unassigned ssslic-mgr 1203/tcp License Validation ssslic-mgr 1203/udp License Validation ms-sql-s 1433/tcp Microsoft-SQL-Server ms-sql-s 1433/udp Microsoft-SQL-Server ms-sql-m 1434/tcp Microsoft-SQL-Monitor ms-sql-m 1434/udp Microsoft-SQL-Monitor # 6851-6887 Unassigned monkeycom 9898/tcp MonkeyCom monkeycom 9898/udp MonkeyCom And I need a list that shows who or what owns Dynamic and/or Private Ports -Henry --- "Laurence F. Sheldon, Jr." <LarrySheldon () cox net> wrote:Andy Dills wrote:On Thu, 10 Jun 2004, Laurence F. Sheldon, Jr.wrote:Jeff Shultz wrote:But ultimately, _you_ are responsible for yourown systems.Even if the water company is sending me 85%TriChlorEthane?Right. Got it. The victim is always responsible. There you have it folks.Change the word "victim" to "negligent party" andyou're correct.Ignoring all of the analogies and metaphors, thebottom line is that ISPsare _not responsible_ for the negligence of theircustomers, and that ISPsare _not responsible_ for the _content_ of thepackets we deliver. Infact, blocking the packets based on content wouldrun counter to our soleresponsibility: delivering the well-formed packets(ip verify unicastreverse-path) where they belong. Remember, we're service providers, not contentproviders. Unless your AUPor customer contract spells out security servicesprovided (most actuallygo the other way and limit the liability of theservice providerspecifically in this event), then your customershave to pay you to securetheir network (unless you feel like doing it forfree), or they areresponsible, period. As far as I'm concerned, that guy would have abetter shot at suingMicrosoft then challenging his bandwidth bill. Andy --- Andy Dills Xecunet, Inc. www.xecu.net 301-682-9972 ---How many more of these do I need, do you think? -- Requiescas in pace o email Ex turpi causa non oritur actio http://members.cox.net/larrysheldon/
Current thread:
- Re: Even you can be hacked, (continued)
- Re: Even you can be hacked Stephen Sprunk (Jun 10)
- Re: Even you can be hacked Laurence F. Sheldon, Jr. (Jun 11)
- Re: Even you can be hacked Henry Linneweh (Jun 11)
- Re: Even you can be hacked Laurence F. Sheldon, Jr. (Jun 11)
- Re: Even you can be hacked Laurence F. Sheldon, Jr. (Jun 11)
- Re: Even you can be hacked Randy Bush (Jun 11)
- Re: Even you can be hacked Laurence F. Sheldon, Jr. (Jun 11)
- Re: Even you can be hacked Andy Dills (Jun 11)
- Re: Even you can be hacked Scott Stursa (Jun 11)
- was: Even you can be hacked Matthew McGehrin (Jun 11)
- Re: Even you can be hacked Stephen J. Wilcox (Jun 11)
- Re: Even you can be hacked Owen DeLong (Jun 10)
- Re: Even you can be hacked Mark Kent (Jun 10)
- Re: Even you can be hacked Owen DeLong (Jun 10)
- Re: Even you can be hacked Alex Rubenstein (Jun 10)
- Re: Even you can be hacked Owen DeLong (Jun 10)
- Re: Even you can be hacked james edwards (Jun 10)
- Re: Even you can be hacked Jeff Kell (Jun 10)
- Re: Even you can be hacked Wayne E. Bouchard (Jun 10)
- Re: Even you can be hacked Adam Debus (Jun 10)