Slashdot Mirror

← Back to Stories (view on slashdot.org)

Should ISPs Be The Little Man's Firewall?

Posted by timothy on from the then-the-spammers-have-won dept.

Anonymous Coward writes "In a paper published today, the point is made that ISPs should filter some ports (e.g. 135) for good. I guess given what everyone sees hitting their various firewalls these days, this may make sense. But wasn't the Internet supposed to be 'open' at one point? Or are we to the point where Internet=Web (and maybe AIM). The author of the paper is operating DShield and I guess has some insight into this issue. He made the same points before on various mailing lists."

4 of 790 comments (clear)

  1. The ISP I work for... by Beatbyte · · Score: 5, Informative

    relies on me to find the latest virii/worms that are going to pound the bandwidth, get their port numbers, and setup ACL's accordingly. Not only do the customers like it, it gives us more time to patch our hundreds of machines, and decreases our incoming bandwidth.

    Overall, I help stop another hundred thousand or so Win32 users from pounding the net to death. I don't see how anyone could see this as a bad thing. (welcome input)

    --
    Get paid to code OSS
  2. Re:At MOST it should be optional... by perlchild · · Score: 5, Informative

    Err can we get clarify this
    If everyone is subscribed by default, it's out-out.
    Opt-in means you don't have it until you ask.
    The word you mean is opt, not opt-in, not opt-out. You opt to get the service in opt-int. And you opt out of the service, in opt-out.
    Spam right now is "opt-out" you get it until you sue the spammer. Software development mailing lists are opt-in, you have to confirm you want it, before they give it to you.

    And another thing, knowing the profit margins of local isps, don't expect firewalling to be free, that's kinda good, if they make it an "option" say 1-2$/month/ip protected. That would make some larger providers happy too, they want you to pay more the more machines you have. (Nat of course, covers that, but that is a firewall function, isn't it?

  3. What everyone ignores... by whoever57 · · Score: 5, Informative

    is that it costs real money to block ports. ISPs have big routers and the cpu cycles of those routers are expensive. Blocking ports takes additonal cpu cycles, so ISPs need to have a strong business reason to start blocking.

    --
    The real "Libtards" are the Libertarians!
  4. Re:shell accounts? by cyb97 · · Score: 5, Informative

    you know that pop3 can preview messages (using top msgnum no_lines) and delete with the command "dele msgnum".

    So you don't have to download all the files to delete them, pop3 has features in place. You just need a decent mailreader or telnet to use the functionality (some MUAs does implement a kind of preview before download).