[c-nsp] ISP POP Location - Blocking Ports - Advice

Tantsura, Jeff jeff.tantsura at capgemini.com
Tue Aug 3 05:14:36 EDT 2004


Read twice what you sell to your customers before starting filtering.
At my ex-job I wasn't allowed to place ANY filters even in case of
virus/dos :)

Jeff

-----Original Message-----
From: cisco-nsp-bounces at puck.nether.net
[mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Paul Stewart
Sent: Tuesday, August 03, 2004 3:15 AM
To: cisco-nsp at puck.nether.net
Subject: [c-nsp] ISP POP Location - Blocking Ports - Advice

Hi there..

We have decided to start being more strict on what we permit our
customers to send through our system as an ISP. Basically I'd like to
start blocking smtp traffic except to our mail servers from dynamic
addresses. Static IP customers will still be able to send smtp traffic.

What I am wondering though is what ports are commonly blocked now on
ISPs? Anyone care to share their lists?

We are thinking of blocking port 25, 137, 138, 139, 445 at this point.
The reason is to cut down on the crap coming from virus infected
customers. It's easier to slow them down than it is to chase thousands
of customers. We tried cutting some customers off last week who were
obviously infected. They were thankful for the phone call, got their PC
fixed up at the local shop and then a day later got infected again.
This time around they were not so friendly about the scenario...

Any thoughts would be most helpful... We are looking at putting access
lists at each POP site for now and go from there...

Paul
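
The policy asked about above, modelled as a first-match access list so its rule ordering can be checked before it goes onto a POP router. This is an added example, not part of either message: the address ranges are constructed placeholders from the RFC 5737 documentation blocks, and the protocol choices (TCP for port 25, any protocol for 137-139 and 445, applied to all customers) are assumptions.

```python
import ipaddress
from typing import NamedTuple, Optional, Tuple

class Rule(NamedTuple):
    action: str              # "permit" or "deny"
    proto: Optional[str]     # "tcp", "udp", or None for any protocol
    src: str                 # source network in CIDR form
    dst: str                 # destination network in CIDR form
    ports: Tuple[int, ...]   # destination ports; empty tuple means any

# Constructed placeholder addressing, not taken from the thread.
DYNAMIC_POOL = "198.51.100.0/24"   # dynamically addressed customers
MAIL_SERVERS = "192.0.2.24/29"     # the ISP's own mail servers
ANY = "0.0.0.0/0"

POP_ACL = [
    Rule("permit", "tcp", DYNAMIC_POOL, MAIL_SERVERS, (25,)),  # SMTP to ISP relays
    Rule("deny", "tcp", DYNAMIC_POOL, ANY, (25,)),             # other SMTP from dynamic
    Rule("deny", None, ANY, ANY, (137, 138, 139, 445)),        # NetBIOS / SMB
    Rule("permit", None, ANY, ANY, ()),                        # everything else
]

def net(cidr):
    return ipaddress.ip_network(cidr)

def evaluate(acl, proto, src, dst, dport):
    """Return (action, rule index) of the first matching rule."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for i, r in enumerate(acl):
        if r.proto not in (None, proto):
            continue
        if r.ports and dport not in r.ports:
            continue
        if s in net(r.src) and d in net(r.dst):
            return r.action, i
    return "deny", None  # implicit deny at the end of an access list

def covers(a, b):
    """True if every packet matched by rule b is also matched by rule a."""
    ports_ok = not a.ports or (bool(b.ports) and set(b.ports) <= set(a.ports))
    return (a.proto in (None, b.proto) and ports_ok
            and net(b.src).subnet_of(net(a.src))
            and net(b.dst).subnet_of(net(a.dst)))

def shadowed_rules(acl):
    """Indexes of rules that can never match because an earlier rule covers them."""
    return [j for j, b in enumerate(acl) if any(covers(a, b) for a in acl[:j])]
```

If the mail-server permit is placed after the port 25 deny, `shadowed_rules` reports it, which is the ordering mistake that would cut dynamic customers off from the ISP's own relays.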

