[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Thank you, Comcast.

Livingood, Jason wrote on 2/26/2016 9:12 AM:
> FWIW, Comcast's list of blocked ports is at http://customer.xfinity.com/help-and-support/internet/list-of-blocked-ports/. The suspensions this week are in direct response to reported abuse from amplification attacks, which we obviously take very seriously.
> We are in the process of considering adding some new ports to this block list right now, and one big suggestion is SSDP. If you have any others you wish to suggest please send them to me and the guy on the cc line (Nirmal Mody).
> Thanks!
> Jason

Jason, how do you propose to block SSDP without also blocking legitimate 
traffic as well (since SSDP uses a port > 1024 and is used as part of 
the ephemeral port range on some devices) ? Is the downside of blocking 
(admittedly a small amount of) legitimate user traffic worth the upside? 
And is this practice /Open Internet/ friendly?