Re: Port 135 Probes Continue

From: David Magda (dmagda+trace031024_at_ee.ryerson.ca)
Date: 12/23/03


Date: 23 Dec 2003 16:22:49 -0500


"Nico Kadel-Garcia" <nkadel@comcast.net> writes:
[...]
> port 135 from day one, along with the NFS and SMB ports *AS THEY
> SHOULD HAVE*, this virus/worm/whatever you wish to call it never
> would have propagated.

Personally I don't want my ISP deciding what I can or cannot connect
to. But that's just me. I'll take liberty over security.

> Forcing their clients to do local filtering is a fine evolutionary
> process, but the bandwidth being wasted is stuff we're paying for,
> and it's extremely poor service on their ports.

Traffic on those ports should not be counted on quotas because
there's no way to tell whether it's legitamate or because the machine
is infected.

That said, if you put your machine on the Net you should be prepared
to take responsibility for what happens to it. Of course it's easier
to do with some systemas than with others.

-- 
David Magda <dmagda at ee.ryerson.ca>, http://www.magda.ca/
Because the innovator has for enemies all those who have done well under
the old conditions, and lukewarm defenders in those who may do well 
under the new. -- Niccolo Machiavelli, _The Prince_, Chapter VI