On Sun, 19 Jan 2003, Avleen Vig wrote:
On Sun, 19 Jan 2003, Christopher L. Morrow wrote:
you could partly get around this by blocking all 'SYN' packets going to your customers :-)
and we are hoping none are hosting webservers or mail servers or.... right? Oh wait! I'll just make them use my datacenters, right?? or were you not talking about the attacks?
I was refering specifically to end user workstations. For example home machines on dial up or broadband connections. A lot of broadband providers already prohibit running servers and block certain inbound ports (eg 21 and 80). *shrug* just seems like it would make more sense to block all incoming 'syn' packets.
Doesn't this stop kazaa/morpheus/gnutella/FTP/<some aim stuff like private chats>? This is a problematic setup, and woudl require the cable modem provider to maintain a quickly changing 'firewall' :( I understand the want to do it, but I'm not sure its practical to see it happen based solely on the hassle factor :( Hmm, security, "you gotta pay to play" (Some famous man once said that I believe)
Wouldn't that be faster than inspecting the destination port against two seperate rules?
I don't know how these operators do their blocking..