On 2/4/2011 6:27 PM, Owen DeLong wrote:
Hell, even without CPE doing it, many residential ISPs (regardless of NAT) block inbound traffic to consumers.
Really? And they have subscribers? Surprising.
Mark Andrews wrote:
I run machines all the time that don't have firewall to protect them from the big wide world out there. I suspect we all do. Your not behind a external firewall when you are at NANOG or IETF. Everyone doesn't suddenly get "owned" because there isn't a external firewall. Modern OS's default to secure.
Yes, and some of you thanked us for blocking RPC in the ISP or in the cable modems. Many such blocks are still in place in many ISPs as there was no reason to ever remove them. TCP/25 outbound is often blocked in many locations as well. Just because you don't notice the firewall, doesn't mean it doesn't exist. We stay in business when you don't notice. :) Jack