DHCP and Cox Cable

Wes Bateman plug-discuss@lists.plug.phoenix.az.us
Sun, 27 Jan 2002 01:16:39 -0600 (CST)


Hmm, I think I have to disagree with that.  While cutting out excessive
bandwidth usage by broken boxes run by idiots may be/have been convenient,
is blocking a port at the ISP level really the right way to
"fix" things?  I figure I pay an ISP to provide me an internet
connection.  For that I expect them to route all IP packets to and from
whatever IP they give me.  When they make these decisions to stop doing
that in little ways, here and there, then I don't have a true internet
connection any longer.

The @home network, and now all the smaller cable networks, have always
been annoying with their "no services" policy and their upstream bandwidth
caps and with their "LAN with your neighbors" architecture and with their
less reliable than dialup connections, etc. etc.  I remember when
everybody used to block traffic from their silly scanning IP addresses and
such at their firewalls.  Everybody was being stealthy and running their
services for the rest of the world to see, but not the 24. class A
space.  The thing about that always was that @home could have watched the
ports traffic was being routed in to.  Move the ports around, and they can
still set their IDS sensors to pick up on HTTP GET requests going inbound,
SSH server banners going outbound, FTP server banners going outbound, etc.

If they still have such silly, arbitrary policies, and they have the spare
time to follow up on things, they can still see what's going on.

Blocking port 80 to protect everybody though, as opposed to enforcing
their nonsense policies, is still bad.  Why don't they start sniffing that
same traffic and identify offenders on their own network?  I'm sure many
people on this list could supply them long lists of affected IP addresses
(maybe not from your cablemodem experiences any longer, but from work,
school, your sister's friend's server, etc.).  Why don't they do something
to clean up their own house, rather than hide the symptoms?

Basically, I'd rather have all the traffic.  To have my ISP decide what
traffic is good for me and what isn't, just stinks IMHO.  The lunacy that
ensues every month or two when yet another "m$ RAS feature" is introduced
into the wild needs to be addressed, but not by the ISPs...at least not by
simply blocking all traffic to certain ports.

Oh well, probably nobody cares, but I feel better for having whined a bit
about it :)

Wes

> I would say that Cox did the right thing several months ago by blocking port
> 80.  It stopped a S**tload of Code Red and Nimda infected systems from infecting
> the whole of Cox's network.