
By now, many of you have called your ISPs to inquire about why your applications suddenly stopped working. Chances are, you were lied to. It's hard to say if these lies are intentional, or due to misunderstanding/misinformation on the part of your ISP's technical support.
First, here is the real reason your ISP is blocking ports:
An ISP's customers are its biggest liability. When a new virus breaks out, the ISP is flooded with technical support calls. The majority of customers don't know what a port is, and don't realize that it is not the job of their ISP to protect them. When someone hacks into their system, they don't call a security specialist, they call their ISP.
The easiest way out of this mess of angry customers is, you guessed it, to limit their internet connections.
Unfortunately, the number of computer-savvy users who use networking applications is comparatively small, so we lose the functionality of our connection in order to keep the unknowing masses calm.
From the ISP's perspective, they have just deferred hundreds of thousands of customer support calls, saving money in the process.
Now on to the lies:
Myth: Microsoft told us to do it. We had no choice.
Reality: Microsoft did indeed recommend that the ports be blocked: by end users, not ISPs.
Source: Best practices recommend blocking all TCP/IP ports that are not actually being used, and most firewalls including the Windows Internet Connection Firewall (ICF) block those ports by default.
Myth: The MS.Blaster patch installed by Microsoft is blocking those ports, not us.
Reality: Laugh at them when they tell you this. Explain that blocking ports is not a solution to a vulnerability, otherwise we would end up blocking off the entire internet. Technical support might be confusing the patch with the Internet Connection Firewall, which blocks incoming traffic on some ports by default.
Source: The patch corrects the vulnerability by altering the DCOM interface to properly check the information passed to it.
Myth: The Department of Homeland Security told us to do it.
Reality: No one "told" them to do anything. DHS did suggest that ISPs block *incoming* traffic, temporarily. It would have been good advice, except the ISPs never turned off the blocks!
Source: DHS further suggests that Internet Service Providers and network administrators consider blocking TCP and UDP ports 69, 135, 139, 445, and 4444 for inbound connections unless absolutely needed for business or operational purposes.
Myth: There is no reason for you to use those ports, only viruses use them.
Reality: There are plenty of legitimate uses for all the ports that are being blocked: Microsoft Exchange, Samba and File and Printer Sharing are just three examples. There are plenty of Macintosh and Linux programs that use these ports too, but ISPs assume everyone is running Windows.
Source: I attended Microsoft's seminar titled: "Hey! I know! How about we build some ports into our operating system just for viruses!". We voted against the idea.
Myth: We're not blocking any ports.
Reality: If your network applications suddenly stopped working, and you suspect port blocking, chances are you're right! Many lower level tech support employees have no idea about port blocking and will tell you it isn't happening.
Source: Want to check for yourself? Disable your firewalls and go here to see which ports are blocked.
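
A way to run the check yourself, as an added example that is not part of the original article: it probes the TCP ports from the DHS list against a host you control outside the ISP's network and separates a silently dropped connection (filtered) from a refused one (closed). The host, the control port, and the names `probe` and `diagnose` are assumptions of this sketch; it assumes the test host has listeners on the probed ports, and it tests the direction it is run in, so run it from outside toward your own machine to test inbound blocking.

```python
import errno
import socket
import sys

# TCP ports named in the DHS advisory quoted above; 69 is TFTP over UDP and
# cannot be judged with a TCP handshake, so it is left out of this check.
DHS_TCP_PORTS = (135, 139, 445, 4444)


def probe(host, port, timeout=3.0):
    """Try one TCP handshake and classify what came back."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"        # SYN/ACK received: nothing on the path blocks it
    except ConnectionRefusedError:
        return "closed"          # RST received: the host was reached, no listener
    except (socket.timeout, TimeoutError):
        return "filtered"        # SYN silently dropped, as a port block would do
    except OSError as exc:
        if exc.errno in (errno.EHOSTUNREACH, errno.ENETUNREACH):
            return "filtered"    # a router answered with ICMP unreachable
        return "error"           # DNS failure, no local route, etc.


def diagnose(host, control_port, ports=DHS_TCP_PORTS, timeout=3.0):
    """Probe `ports`, using `control_port` to prove the host is reachable.

    A timeout only points at a block in the path when the same host answers
    on a port nobody filters; otherwise the host may simply be down.
    """
    conclusive = probe(host, control_port, timeout) == "open"
    return conclusive, {p: probe(host, p, timeout) for p in ports}


if __name__ == "__main__":
    if len(sys.argv) != 3:
        print("usage: portcheck.py HOST CONTROL_PORT")
    else:
        ok, verdicts = diagnose(sys.argv[1], int(sys.argv[2]))
        if not ok:
            print("control port did not answer; results are inconclusive")
        for port, verdict in sorted(verdicts.items()):
            print(f"{port}/tcp {verdict}")
```

A "closed" result means the packet reached the host and was refused there, so nothing in between is blocking that port; only "filtered" alongside a working control port suggests a block in the path.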
