Cox Communications begins filtering ports 25 and 80
Dear All,
I just received this info from Cox who is my cable internet provider:
Dear Valued Customer, Effective July 14, 2003, Cox Communications will begin filtering inbound traffic on ports 25 and 80 via cable modem connections. This will reduce the spread of viruses like Code Red, Nimda, and other viruses spread through Email. Filtering these ports will provide additional protection and improve performance for your Internet connection. This will not affect your ability to Send/Receive Email or access the Internet. This change only affects customers running an Email or Web Server, which is a very small percentage of customers.
I am not sure what this really means and if this is something to be pleased about or concerned about. Any ideas?
Thank you,
Marcia
On Fri, 2003-06-20 at 02:34, Marcia wrote:
I am not sure what this really means and if this is something to be pleased about or concerned about. Any ideas?
It means that you won't be able to run your own mail server or web server using the standard ports (though you could still run them using some sort of redirection). I don't see how it could possibly be "A Good Thing" to lose the ability to use the net as you see fit, but how bad it is depends on what you want to be able to do.
On Thursday 19 June 2003 5:34 pm, Marcia wrote:
Dear All,
I just received this info from Cox who is my cable internet provider:
Effective July 14, 2003, Cox Communications will begin filtering inbound traffic on ports 25 and 80 via cable modem connections.[...] This change only affects customers running an Email or Web Server, which is a very small percentage of customers.
I am not sure what this really means and if this is something to be pleased about or concerned about. Any ideas?
"what it means" is summarized by their last statement above -- it only affects people who have taken on the responsibility of actively maintaining a web or e-mail SERVER from their home. [and in some truly rare occurrences, it might affect the occasional connection you make to the outside world, but that would only occur twice in 65,530-ish connections or so...]
Check your TOS carefully, especially if you've had the service "for some time". In my case, I've had DSL service since the days when static IP's were the norm. Because of this, I'm legally entitled (via the TOS) to run my own server [that's the one in my .sig line] and I'm not limited by artificial "monthly byte-count/transfer" caps. YOU SHOULD CHECK THIS even if you do not currently run a server -- you may find a day when you want to do so, and it is always nice to know you have the right/ability to do such; however if you don't check now, you may lose this ability without ever knowing you had it.
As a for instance: my ISP has bought into the Yahoo! family and everyone is being encouraged to "upgrade"; it turns out that under the prior TOS, users are entitled to a meager 3mb of web space hosted by the ISP. The kicker is that if you "upgrade" your account without ever activating the webspace you had prior to becoming a Yahoo!, you don't get ANY web space once you've migrated [or worse, any webspace you get is a "freebie" Geocities account...] OTOH, if you so much as upload a single file to your designated "hosting" area prior to the "upgrade", you get to keep that 3mb of space...
Now, if you do actually run a web or e-mail server, I'd recommend contacting Cox to see if they can make an explicit exception to the filtering rule. If not, you should consider haggling for a lower rate [after all, you are losing some aspect of "service" that you are currently paying for -- heck, you should do this even if you DON'T run a server ;) ]
--
Yet another Blog: http://osnut.homelinux.net
"what it means" is summarised by their last statement above -- it only affects people who have taken on the responsibility of actively maintaining a web or e-mail SERVER from their home. [and in some truly rare occurrences, it might affect the occasional connection you make to the outside world, but that would only occur twice in 65,530-ish connections or so...]
Discussions on this elsewhere are of the opinion that the TOS does explicitly exclude running web services on a 'home' account. People who want 'business' facilities have to pay for a business account, and the changes are to enforce the TOS rather than simply cutting off those customers who break the TOS - which is Cox's other option. The problem - I believe - is finding the TOS that you signed up to - on any ISP :)
--
Lester Caine
-----------------------------
L.S.Caine Electronic Services
At 02:48, Friday 20 June 2003, Tom Emerson wrote:
On Thursday 19 June 2003 5:34 pm, Marcia wrote:
Dear All,
I just received this info from Cox who is my cable internet provider:
Effective July 14, 2003, Cox Communications will begin filtering inbound traffic on ports 25 and 80 via cable modem connections.[...] This change only affects customers running an Email or Web Server, which is a very small percentage of customers.
I am not sure what this really means and if this is something to be pleased about or concerned about. Any ideas?
"what it means" is summarized by their last statement above -- it only affects people who have taken on the responsibility of actively maintaining a web or e-mail SERVER from their home. [and in some truly rare occurrences, it might affect the occasional connection you make to the outside world, but that would only occur twice in 65,530-ish connections or so...]
You are never using a port under 1024 to connect to the outside world, acting as a normal user. Ports below 1024 require root permission to be used.
Praise
On Friday 20 June 2003 11:29 am, Praise wrote:
At 02:48, Friday 20 June 2003, Tom Emerson wrote:
... [and in some truly rare occurrences, it might affect the occasional connection you make to the outside world, but that would only occur twice in 65,530-ish connections or so...]
You are never using a port under 1024 to connect to the outside world, acting as a normal user. Ports below 1024 require root permission to be used.
I know that is true when listening for traffic [i.e., the "server" side of the equation] but I thought the "client" side was assigned a [theoretically] random port, and I couldn't remember if the pool of "random port numbers" included ports below 1024. [and by the same token, I don't recall whether or not the SOURCE port is subject to the must-be-root limitation for ports below 1024 or not]
I *do* know people have tried this to spoof firewalls into allowing a connection from the outside by "posing as" a webserver [in other words, the firewall allows connections to port 80 "on the outside", so the perp sets his program to force the "client" side connection to be on port 80 and tries to open a connection on the "inside" to a protected port number. If the firewall isn't stateful, it might allow the connection to occur because as far as the firewall is concerned, this would appear to be "in response to..." an actual web request.]
--
Yet another Blog: http://osnut.homelinux.net
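
The difference between a stateless and a stateful filter mentioned in the message above, as an added example that is not part of the original thread. The addresses, port numbers and the names `Packet`, `stateless_allow_inbound`, `StatefulFilter` and `evaluate` are constructed for illustration; the model compares a source-port-only rule with a filter that tracks flows opened from the inside.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int
    syn: bool = False  # SYN without ACK means "open a new connection"
    ack: bool = False

# Constructed sample addresses (RFC 5737 documentation ranges).
INSIDE, WEB, OUTSIDER = "192.0.2.10", "198.51.100.80", "203.0.113.66"

def stateless_allow_inbound(pkt):
    """Weak rule: treat anything arriving from source port 80 as a web reply."""
    return pkt.src_port == 80

class StatefulFilter:
    """Allow inbound packets only when they reverse a flow opened from inside."""
    def __init__(self):
        self.flows = set()

    def outbound(self, pkt):
        # Remember the 4-tuple of every connection an inside host starts.
        self.flows.add((pkt.src_ip, pkt.src_port, pkt.dst_ip, pkt.dst_port))

    def allow_inbound(self, pkt):
        reverse = (pkt.dst_ip, pkt.dst_port, pkt.src_ip, pkt.src_port)
        new_connection = pkt.syn and not pkt.ack
        return reverse in self.flows and not new_connection

def evaluate():
    fw = StatefulFilter()
    # Inside host browses to a web server from an ephemeral source port.
    fw.outbound(Packet(INSIDE, 40000, WEB, 80, syn=True))
    reply = Packet(WEB, 80, INSIDE, 40000, syn=True, ack=True)
    # Unsolicited connection attempt to an inside service, source port set to 80.
    unsolicited = Packet(OUTSIDER, 80, INSIDE, 22, syn=True)
    return {
        "stateless": (stateless_allow_inbound(reply),
                      stateless_allow_inbound(unsolicited)),
        "stateful": (fw.allow_inbound(reply), fw.allow_inbound(unsolicited)),
    }

if __name__ == "__main__":
    for name, (reply_ok, unsolicited_ok) in evaluate().items():
        print(f"{name}: reply allowed={reply_ok}, unsolicited allowed={unsolicited_ok}")
```

Both filters pass the genuine reply; only the flow-tracking filter drops the unsolicited packet, because no inside host opened a matching connection.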
participants (5)
- Anders Johansson
- Lester Caine
- Marcia
- Praise
- Tom Emerson