Vadim - the instant someone sues a Provider for sexual harassment from
spam epidemic you will start to see things change. The reason that No-Sane provider will block these ports or services is because they have been listening to their Network Admins too long, and in fact the problem is
On Tue, 21 Jan 2003, todd glassey wrote: their that
they are not sane providers. What they are, and this is pretty much true
Actually, most provider won't block ports due to service contracts with customers. Mail filters easily allow for exceptions to the rule. However, IP layer filters do not allow such exceptions without extensive overhead. Is a rural ISP that is forced to use older routers for modem banks to deal with rural telco issues required to run an authentication method that allows per user filtering despite the fact that such methods seriously inhibit the performance of the modem bank? Or should such a provider block specific IP ranges or ports at a global level despite the fact their clients actually use the valid services registered to those ports? It is not the responsibility of the provider to secure the individual's machines. The provider's responsibility is to the network as a whole. We designed a stupid network so that interoperability would be optimal. The second you start building smart networks, you have conflicts. Look at the caching engines of today. There is not a single cache mechanism that is guaranteed to work with 100% of the content its designed to cache. Another example would be the recent 69/8 issues; Smart networks trying to protect themselves and damaging legitimate traffic in the process. Jack Bates Network Engineer BrightNet Oklahoma