On Tue, 12 Aug 2003, Jack Bates wrote:
Sean Donelan wrote:
http://computerworld.co.nz/webhome.nsf/UNID/BEC6DE12EC6AE16ECC256D8000192BF7...
"While some end users are calling for ISPs to block certain ports relating to the Microsoft exploit as reported yesterday (Feared RPC worm starts to spread), most ISPs are reluctant to do so."
Is it just me that feels that blocking a port which is known to be used to perform billions of scans is only proper? It takes time to contact,
and you are willing to open holes across your network for every tom, dick or sally that wants to share files with their pal across town? (or off your network) If people want to use the network they need to take the responsibility and patch their systems. Blocking should really only be considered in very extreme circumstances when your network is being affected by the problem, or if the overall threat is such that a short term network-wide block would help get over the hump.