[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]


On Feb 4, 2011, at 5:26 PM, Jack Bates wrote:

> On 2/4/2011 6:27 PM, Owen DeLong wrote:
>>> Hell, even without CPE doing it, many residential ISPs (regardless of NAT) block inbound traffic to consumers.
>>> >  
>> Really? And they have subscribers? Surprising.
> Mark Andrews wrote:
>> I run machines all the time that don't have firewall to protect
>> them from the big wide world out there.  I suspect we all do.  Your
>> not behind a external firewall when you are at NANOG or IETF.
>> Everyone doesn't suddenly get "owned" because there isn't a external
>> firewall.  Modern OS's default to secure.
> Yes, and some of you thanked us for blocking RPC in the ISP or in the cable modems. Many such blocks are still in place in many ISPs as there was no reason to ever remove them. TCP/25 outbound is often blocked in many locations as well. Just because you don't notice the firewall, doesn't mean it doesn't exist. We stay in business when you don't notice. :)
> Jack

True... If you review the NANOG archives you'll find that at least in the case
of the port 25 absurdity, I have noticed and have railed against it.