On Sat, 2 Aug 2003, Sean Donelan wrote:
On Sat, 2 Aug 2003, Jack Bates wrote:
Many AUP/TOS agreements have interesting no-server clauses. Blocking 135 inbound to those systems would not breach "Internet access" as the customer shouldn't have a server running on that port. The lack of <1024 filtering on such AUP/TOS services is courtesy really. If it's not a problem to the network, the ISP generally doesn't care.
The Slammer worm was > 1024.
As someone else pointed out, if you want the ISP to provide you with a completely "safe" network you will end up with something like Minitel.
On a per-customer basis most ISPs will provide managed security services, Firewall/Authentication-services... Certainly, if the customer is interested in this service it's very doable and manageable. I'm not sure that the overwhelming number of customers are interested in it though. Security is still an 'only after I get screwed' thought for most customers. Slammer brought a lot of attention onto security from a customer perspective (which is a good thing) and perhaps this new possible worm will do the same :) The more people have to think about it, the more they will realize, as another poster posted, 'security is a lifestyle'.
ISPs do not control what Microsoft puts in its operating systems, bugs, features or other things. ISPs also did not control the introduction of NCSA Mosaic, Real Streaming, IRC Chat or most of the other things.
The gov'ts need to realize this fact: there are times that an ISP might be able to step in and help, those times HAVE TO BE minimalized and for very short durations. No ISP's network is designed to drop traffic, all of them are designed to forward on to the end destination as quickly and faithfully as possible. Depending on or requiring ISPs to massively block traffic in order to 'save the internet' due to software vendor issues is not scalable nor operationally feasible. Amazingly enough there are people that WANT to share files over the internet using standard Microsoft tools....