Re: Probes on Port 135 and 445 continue

david20_at_alpha2.mdx.ac.uk
Date: 10/12/04

  • Next message: david20_at_alpha2.mdx.ac.uk: "Re: Probes on Port 135 and 445 continue" 
    Date: Tue, 12 Oct 2004 11:34:43 +0000 (UTC)

    In article <MPG.1bd4b2d8b090d6d98983b@news-server.columbus.rr.com>, Leythos <void@nowhere.org> writes:
    >In article <86oej9axq0.fsf@number6.magda.ca>, dmagda+trace040726
    >@ee.ryerson.ca says...
    >> Leythos <void@nowhere.org> writes:
    >>
    >> > If ISP's imposed NAT (with no port forwarding) on residential users
    >> > you would see a lot less of it.
    >>
    >> Personally I would want want my ISP to touch my traffic as little as
    >> possible. At most making sure that the outgoing packets don't have
    >> forged source headers.
    >>
    >> But that's just me.
    >
    >I suspect that you are one of the few that understands networking,
    >something about security, and about the many things that can be done
    >with an open connection. What you failed to understand is that most
    >people don't have a clue, just "Use" a computer, never thought about
    >updates or security.
    >
    >As I've said many times before, if the "Default" was NAT, and you could
    >get "Public" just by asking, it would solve a LOT of problems. So, you
    >could still have your unfiltered traffic if you know enough to ask for
    >it, but for the lemmings out there, we would all be better off as would
    >they.
    >

    Unfortunately NAT breaks some applications.
    I'd pity the ISP support people having to try to explain why to your "clueless"
    users.

    Also in a few years time we should have moved to IPv6 and NAT should no longer
    be needed for it's real purpose of conserving IP address space.

    David Webb
    Security team leader
    CCSS
    Middlesex University

    >--
    >--
    >spamfree999@rrohio.com
    >(Remove 999 to reply to me)

  • Next message: david20_at_alpha2.mdx.ac.uk: "Re: Probes on Port 135 and 445 continue"

    Relevant Pages

    • Re: Probes on Port 135 and 445 continue
      ... At most making sure that the outgoing packets don't have ... >something about security, and about the many things that can be done ... Unfortunately NAT breaks some applications. ... I'd pity the ISP support people having to try to explain why to your "clueless" ...
      (comp.security.misc)
    • Re: Gallery 1.3.3
      ... I am forwarding this response from the Author of Gallery who posted ... Recently there was a post on BugTraq, that referred to a security hole ... was refers to is the fact that on a shared webserver it's possible for ... webserver is managing data for you via a web interface and your ISP ...
      (Bugtraq)
    • Re: Raw Sockets in WinXP
      ... > endangering the rest of the net, the ISP will have to fix their ... us to make their site secure. ... security with the amount of knowledge expected by that manual. ... Steps to securing Windows NT 4.0 ...
      (Security-Basics)
    • Re: security based on IP address
      ... I agree with you that your ISP very likely provides an internet protocol ... My cable modem provider required a MAC ... his name with an IP address from security forum posts and IRC chats, ...
      (Security-Basics)
    • Re: newby isp questions
      ... >I have and ADSL modem connecting to an ISP. ... >- The ADSL modem will connect to a Firewall box. ... Looking from the security side, ...
      (freebsd-isp)