Re: ISPs are blocking port 445?

To: debuser <debian-user@lists.debian.org>
Subject: Re: ISPs are blocking port 445?
From: Matthew Weier O'Phinney <matthew@weierophinney.net>
Date: Thu, 10 Oct 2002 22:30:17 -0400
Message-id: <[🔎] 20021011023017.GA632@weierophinney.homelinux.org>
Mail-followup-to: Matthew Weier O'Phinney <matthew@weierophinney.net>, debuser <debian-user@lists.debian.org>
In-reply-to: <[🔎] 20021010163536.4c3a1ada.debuser@sysmatrix.net>
References: <[🔎] 20021009181342.799adc32.newsuser@famdijkstra.org> <[🔎] 20021009212243.1a47868d.newsuser@famdijkstra.org> <[🔎] 1034267076.10653.10.camel@haggis> <[🔎] 20021010163536.4c3a1ada.debuser@sysmatrix.net>

-- Gerald Livingston <debuser@sysmatrix.net> wrote
(on Thursday, 10 October 2002, 04:35 PM -0500):
> On 10 Oct 2002 11:24:36 -0500
> Ron Johnson <ron.l.johnson@cox.net> wrote:
> > On Wed, 2002-10-09 at 14:22, Tim Dijkstra wrote:
> > > On Wed, 9 Oct 2002 18:13:42 +0200
> > > Tim Dijkstra <newsuser@famdijkstra.org> wrote:
> > > It seems that our M$ using friends have some
> > > problems. Win2k/XP have a filesharing protocol on 445, and because
> > > most users of M$ products are so enlightend to choose a blank admin
> > > password, this is a security issue.
> > > So apperently some ISP's have chosen to 'protect' their users from
> > > these attacks and are dropping these packets...
> > 
> > Cox Cable did the same thing with port 80 soon after Code Red 
> > struck.  Yet another reason why I hate MSFT and lusers.
> > 
> > At the same time, they decided to be really anal and block port
> > 25, too.  Bah!
> 
> Time Warner blocked 80 here but they are polite enough to scan 25 for
> open relays. From the rejected messages in Exim it appears that if they
> find one they will at least inform you before locking it down. (Messages
> deleted so I can't copy the text. Appears to be roughly a monthly scan.)

Interestingly enough, neither is the case with TW's business lines (for
some obvious reasons, and some not so obvious). They *do* scan port 25,
but not necessarily for open relays (I was *ahem* running one for about
6 months before I figured out how to patch it up) -- in my case, I
simply started getting their service announcements sent directly to my
mail server admin account instead of my (unused) TW address... Felt a
bit invasive, but it was a smart move on their part, too, as that way I
was receiving their (usually after-the-fact) messages about the latest
worms, virii, etc. (The service announcements came both *before* and
*after* the open relay... they never bothered to let me know about it --
I found out when I started getting spam that originated on my own server
;-) )

-- 
Matthew Weier O'Phinney
matthew@weierophinney.net

Reply to:

References:
- ISPs are blocking port 445?
  - From: Tim Dijkstra <newsuser@famdijkstra.org>
- Re: ISPs are blocking port 445?
  - From: Tim Dijkstra <newsuser@famdijkstra.org>
- Re: ISPs are blocking port 445?
  - From: Ron Johnson <ron.l.johnson@cox.net>
- Re: ISPs are blocking port 445?
  - From: Gerald Livingston <debuser@sysmatrix.net>

Prev by Date: Re: New Debian User - Totally Impressed
Next by Date: OT: changing colours in midnight commander
Previous by thread: Re: ISPs are blocking port 445? - att
Next by thread: RE: ISPs are blocking port 445?
Index(es):
- Date
- Thread