Ackar
09-07-2003, 09:56 PM
Slashdot | Should ISPs Be The Little Man's Firewall? (http://slashdot.org/articles/03/09/07/2343254.shtml?tid=126&tid=172&tid=95)
<blockquote>Quote:<hr>"In a paper (http://www.sans.org/rr/special/isp_blocking.php) published today, the point is made that ISPs should filter some ports (e.g. 135) for good. I guess given what everyone sees hitting their various firewalls these days, this may make sense. But wasn't the Internet supposed to be 'open' at one point? Or are we to the point where Internet=Web (and maybe AIM). The author of the paper is operating DShield (http://www.dshield.org/) and I guess has some insight into this issue. He made the same points before on various mailing lists." <hr></blockquote>
This may help against the majority of customers that don't know enough to protect their own system, but it could be annoying(or worse) to those of us that don't use our machines as just web/mail browsers.
I kind of agree with this response someone posted...
<blockquote>Quote:<hr>Re:At MOST it should be optional
Agreed. I left my old ISP (a small regional one in country queensland, australia) because they kept blocking ports bit by bit, based on traffic. If I started using ssh heavily, they'd block it "in case it was abuse" to try protecting me, and I'd need to call them to get the block removed. Wouldn't matter what the protocol, one by one more and more were closed.
The only ones that weren't regularly blocked like that were web ftp and mail to their servers.
As soon as one of the larger ISPs started operating here I switched over, and the dodgy blocking one had a huge sob story in the local paper about small businesses being forced out by large corporations. More like small businesses who have no clue what users want. <hr></blockquote>
</p>Edited by: <A HREF=http://pub147.ezboard.com/bmonklybusiness43508.showUserPublicProfile?gid=ack ar>Ackar</A> at: 9/7/03 8:57 pm
<blockquote>Quote:<hr>"In a paper (http://www.sans.org/rr/special/isp_blocking.php) published today, the point is made that ISPs should filter some ports (e.g. 135) for good. I guess given what everyone sees hitting their various firewalls these days, this may make sense. But wasn't the Internet supposed to be 'open' at one point? Or are we to the point where Internet=Web (and maybe AIM). The author of the paper is operating DShield (http://www.dshield.org/) and I guess has some insight into this issue. He made the same points before on various mailing lists." <hr></blockquote>
This may help against the majority of customers that don't know enough to protect their own system, but it could be annoying(or worse) to those of us that don't use our machines as just web/mail browsers.
I kind of agree with this response someone posted...
<blockquote>Quote:<hr>Re:At MOST it should be optional
Agreed. I left my old ISP (a small regional one in country queensland, australia) because they kept blocking ports bit by bit, based on traffic. If I started using ssh heavily, they'd block it "in case it was abuse" to try protecting me, and I'd need to call them to get the block removed. Wouldn't matter what the protocol, one by one more and more were closed.
The only ones that weren't regularly blocked like that were web ftp and mail to their servers.
As soon as one of the larger ISPs started operating here I switched over, and the dodgy blocking one had a huge sob story in the local paper about small businesses being forced out by large corporations. More like small businesses who have no clue what users want. <hr></blockquote>
</p>Edited by: <A HREF=http://pub147.ezboard.com/bmonklybusiness43508.showUserPublicProfile?gid=ack ar>Ackar</A> at: 9/7/03 8:57 pm