26 Feb
2016
26 Feb
'16
2:32 p.m.
On 2/26/16, 11:44 AM, "Blake Hudson" <blake@ispn.net<mailto:blake@ispn.net>> wrote: Jason, how do you propose to block SSDP without also blocking legitimate traffic as well (since SSDP uses a port > 1024 and is used as part of the ephemeral port range on some devices) ? As Roland suggested, very likely via UDP/1900. This will obviously be disclosed in advance to customers and tested thoroughly. I believe a few other ISPs have already taken this step. And is this practice Open Internet friendly? Port blocking is considered a form of reasonable network management provided it can be justified by security or operational stability reasons. Of course it must also be transparently disclosed and so on. Jason