Even on Windows they can be used in a much safer fashion (although I would never attempt it for any of my stuff). It is possible to use IPSec policies on 2000 and higher to encrypt all traffic on specified ports to specified hosts/networks and block all other traffic. I bet some people are using this to join remote locations securely to each other for Windows networking with these ports and IPSec policies.
If you explain the difference between "IPSec", "The Web" to an end user, and can convince them that they have "enough Pentium" for it, you win and don't have to block the ports.
There are 10 kinds of people in the world. Those who understand binary and those that don't.
ISPs should either block the mentioned ports, or send out bills in binary. -- -------------------------------------------------------------- Johannes Ullrich jullrich@euclidian.com pgp key: http://johannes.homepc.org/PGPKEYS -------------------------------------------------------------- "We regret to inform you that we do not enable any of the security functions within the routers that we install." support@covad.net --------------------------------------------------------------