On Wed, 2003-02-05 at 16:38, Paul Schmehl wrote: > Can you think of a legitimate reason why ISPs should allow ports > 135-139/TCP/UDP to be open to the Internet? How about port 445/UDP?
IMO, it's not to the ISP to choose wich ports and services should I use. I pay it (sort of) for a pipe running from my home-computer to the wild Internet and *that's all*. I don't want some "services" like transparent proxies, AV scanning at the mail relay or port filtering. I just want a pipe ... > What about the ISPs whose policy it is to not allow > customers to run servers? That's another problem. If I ask for a pipe, I want a pipe. If I ask for a discount ADSL access with limited amount of trafic and no allowed hosting (HTTP, FTP, SMTP, SSH, ...), the ISP can restrict the inbound ports. If the next big vuln/worm is a SSH one, would you agree with an ISP blocking inbound TCP/22 and forbidding to users to connect to their home-LAN to check mails, get some files, start the coffe-maker or manage downloads ? Nicob _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
