@home

David Walker linux_user at grax.com
Thu Aug 23 04:23:01 UTC 2001


The blocking by default idea has a lot of merit.  Then those who use it
can still use it and the masses won't be getting infected and infecting
others.

The problem with blocking infected people is that once they're infected
their computers are now trying to infect other people's computers.  So
blocking incoming port 80 no longer is important.  If you block port 80
outgoing then you have shut off their web access.  Which is OK since
they should be fixing and disinfecting their computer before using the
network again.

For them to detect which users are infected would be a very large task
of analyzing the traffic which could have privacy issues and other
serious technical problems.

I hardly see how blocking a few ports is an impediment to you.  You
signed up for access to the internet not for the internet to be able to
access you.

While I agree with the quote from Ben Franklin I am still willing to
give up the freedom to drive 85 in a residential zone in exchange for
the security of the pedestrians and children, etc.

On Wednesday 22 August 2001 23:01, you wrote:
>  > In fact I am wondering if my having an old cable modem could be related
> >
> > to the fact that my port 80 is not blocked.  Does anyone know any more
> > about this idea?
>
> That's a good question, I have an old-as-dirt cable modem, and I'm not
> blocked yet. Everybody I know who is blocked has a newer one...
>
> I don't know why cox doesn't just block infected people. If you've gone
> THIS long, weeks now, without having heard about code red, you have no
> business running a server. Maybe it's time we require something like an
> internet drivers license :) That would never work, but what about an isp
> equivelent. Block incomming ports by default, and you have to ask to have
> them turned on, but get them revoked if your computer is used in an attack,
> or a pawn in a worm. I'd like ports 21, 22, 25, 80 and 443 please.
>
> I'm lucky enough that my home server is just for experemental stuff, and
> anything of any value is outside of @home's network., but this has to suck
> for anybody who ran a modest server for years and had it cut off instantly.
> I doubt they'd even accept you paying an extra $5 a month to run a server.
> I guess corperations suck...
>
> -- Daniel



More information about the OLUG mailing list