Re: [PLUG] Verizon blocking port 25

Bob Schwier on 1 Sep 2009 11:28:17 -0700

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] Verizon blocking port 25

From: Bob Schwier <schwepes2002@yahoo.com>

To: Philadelphia Linux User's Group Discussion List <plug@lists.phillylinux.org>

Subject: Re: [PLUG] Verizon blocking port 25

Date: Tue, 1 Sep 2009 11:28:10 -0700 (PDT)

Reply-to: Philadelphia Linux User's Group Discussion List <plug@lists.phillylinux.org>

Sender: plug-bounces@lists.phillylinux.org

Alas, the problem of he commons. It is both bad when corporate hacks can control same or when we must let government intervene. bs --- On Thu, 8/27/09, John Kreno <john.kreno@gmail.com> wrote: > From: John Kreno <john.kreno@gmail.com> > Subject: Re: [PLUG] Verizon blocking port 25 > To: bergman@merctech.com, "Philadelphia Linux User's Group Discussion List" <plug@lists.phillylinux.org> > Date: Thursday, August 27, 2009, 9:38 AM > Really, when it comes down to it. Despite > the laws that may exist, it is up to the individuals in > society to police themselves. I guess that's what I was > getting at. I mean anymore you do have some very socialist > avenues in the US that you could persue, but even they > require some intervention from the person seeking them. The > picture you paint is one of state control. I don't see > why anyone would do that. The internet is one of those last > bastions of freedom. > > On Wed, Aug 26, 2009 at 5:56 PM, > <bergman@merctech.com> > wrote: > > > > > > In the message dated: Wed, 26 Aug 2009 16:59:44 EDT, > > The pithy ruminations from John Kreno on > > <Re: [PLUG] Verizon blocking port 25> were: > > > > => > > => Hi, > > => > > => Long time listener, first time caller. I think even > though that Verizon in > > => this case is a residential provider, that an ISP > should not filter any ports > > => for any reason. It should be the customer's > responsibility to perform due > > > > Absolutely, in the best of all worlds. > > > > However, the customers, by-and-large, are clueless and > incapable of keeping > > their machines from becoming virus-infected zombies that > steal passwords and > > spew out spam. Excluding people on this list, of course. > :) > > > > => diligence. The internet should be as open as > possible, much like the real > > => world. But the end user should be > diligent to keep their own end points > > => secure. > > => > > => - John > > => > > > > > > What "real world" do you live in? To perpetuate a > flawed but common analogy, if > > the "Internet" is a highway system, then > high-speed access from Verizon (and > > Comcast, etc.) is much like a private toll road. The last > time I looked, those > > roads had very specific regulations--not just in terms of > cost, but in terms of > > the size, width, height, weight, speed, and payload of your > vehicle. > > > > Think of an typical home computer with a broadband > connection as a pickup truck > > traveling down the road. The driver's got a birthday > card for Dear Old Mom > > sitting on the front seat next to him, and he wants to get > onto the private > > toll road to deliver to the card to Mom. Unfortunately, > he's also got a dripping > > load of asbestos, used motor oil, and rotting kitchen > scraps that unscrupulous > > waste disposal firms (hackers) toosed into the back of the > truck when he wasn't > > looking. The toll taker can smell the truck coming before > he even approaches the > > EZ-Pass lane, and flags him over. That's what network > egress filtering is like. > > > > > > [DISCLAIMER] > > I'm not a Verizon customer... I haven't read the > details of their filtering & > > port blocking..... I put in some effort to get around > (tunning through) > > Comcast's port 25 blocks, so it's not as if I like > the concept, but I think > > it's got some practical benefits. > > [/DISCLAIMER] > > > > Mark > > > > > > > > => On Wed, Aug 26, 2009 at 4:45 PM, Randall A Sindlinger > < > > => rsindlin+plug@seas.upenn.edu > <rsindlin%2Bplug@seas.upenn.edu>> > wrote: > > > => > > => > On Wed, Aug 26, 2009 at 03:48:41PM -0400, jeff > wrote: > > => > > Greg Helledy wrote: > > => > > > need to use port 587 when on the > Verizon network and 25 elsewhere. > > => > What > > => > > > exactly is Verizon achieving by doing > this > > => > > > > => > > annoying the most people possible. > > => > > That is apparently its own reward. > > => > > > > => > > > => > It might be annoying, but that's not the > goal. By far, most people connect > > => > to port 25 *un*encrypted. (I know all of you > manually configured your email > > => > clients to use StartTLS or SSL, though, right?) > > => > > > => > As far as packet sniffing goes, port 25 is the > best place to pick up > > => > people's > > => > usernames and passwords, since its default mode > is cleartext. Once someone > > => > has that, at best they can send _authenticated_ > spam using that account. > > => > Or worse, they can start trying that username/pw > on every banking, social > > => > networking, and shopping site they can find, > and, well, try *that* for > > => > annoying. > > => > > > => > Quite frankly, I think Verizon is behind the > curve on this. Anybody that > > => > has > > => > thought much about security has mostly already > done this, afaik. > > => > > > => > -Randall > > => > > > => > > ___________________________________________________________________________ > > => > Philadelphia Linux Users Group -- > > => > http://www.phillylinux.org > > => > Announcements - > > => > http://lists.phillylinux.org/mailman/listinfo/plug-announce > > => > General Discussion -- > > => > http://lists.phillylinux.org/mailman/listinfo/plug > > => > > > => > > => > > => > > => -- > > => John Kreno > > => > > => "Those who would sacrifice essential liberties > for a little temporary safety > > => deserve neither liberty nor safety." - Ben > Franklin > > => > > => --0015174be3660059e6047211bbc4 > > => Content-Type: text/html; charset=ISO-8859-1 > > => Content-Transfer-Encoding: quoted-printable > > => > > => Hi,<br><br>=A0Long time listener, first > time caller. I think even though th= > > => at Verizon in this case is a residential provider, > that an ISP should not f= > > => ilter any ports for any reason. It should be the > customer's responsibil= > > => ity to perform due diligence. The internet should be > as open as possible, m= > > => uch like the real world. But the end user should be > diligent to keep their = > > => own end points secure.<br> > > => <br>- John<br><br><div > class=3D"gmail_quote">On Wed, Aug 26, 2009 at > 4:45 P= > > => M, Randall A Sindlinger <span > dir=3D"ltr"><<a > href=3D"mailto:rsindlin%2B= > > => plug@seas.upenn.edu">rsindlin+plug@seas.upenn.edu</a>></span> > wrote:<br>= > > => <blockquote class=3D"gmail_quote" > style=3D"border-left: 1px solid rgb(204, = > > => 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: > 1ex;"> > > => <div class=3D"im">On Wed, Aug 26, > 2009 at 03:48:41PM -0400, jeff wrote:<br> > > => > Greg Helledy wrote:<br> > > => > > need to use port 587 when on the > Verizon network and 25 elsewhere= > > => . =A0What<br> > > => > > exactly is Verizon achieving by > doing this<br> > > => ><br> > > => > annoying the most people > possible.<br> > > => > That is apparently its own > reward.<br> > > => ><br> > > => <br> > > => </div>It might be annoying, but that's > not the goal. =A0By far, most pe= > > => ople connect<br> > > => to port 25 *un*encrypted. (I know all of you manually > configured your email= > > => <br> > > => clients to use StartTLS or SSL, though, > right?)<br> > > => <br> > > => As far as packet sniffing goes, port 25 is the best > place to pick up people= > > => 's<br> > > => usernames and passwords, since its default mode is > cleartext. =A0Once someo= > > => ne<br> > > => has that, at best they can send _authenticated_ spam > using that account.<br= > > => > > > => Or worse, they can start trying that username/pw on > every banking, social<b= > > => r> > > => networking, and shopping site they can find, and, > well, try *that* for<br> > > => annoying.<br> > > => <br> > > => Quite frankly, I think Verizon is behind the curve on > this. =A0Anybody that= > > => has<br> > > => thought much about security has mostly already done > this, afaik.<br> > > => <font color=3D"#888888"><br> > > => -Randall<br> > > => > </font><div><div></div><div > class=3D"h5"><br> > > => > ___________________________________________________________________________= > > => <br> > > => Philadelphia Linux Users Group =A0 =A0 =A0 =A0 -- =A0 > =A0 =A0 =A0<a href=3D= > > => "http://www.phillylinux.org"; > target=3D"_blank">http://www.phillylinux.org</= > > > => a><br> > > => Announcements - <a href=3D"http://lists.phillylinux.org/mailman/listinfo/pl= > > => ug-announce" target=3D"_blank">http://lists.phillylinux.org/mailman/listinf= > > => o/plug-announce</a><br> > > => General Discussion =A0-- =A0 <a href=3D"http://lists.phillylinux.org/mailma= > > => n/listinfo/plug" > target=3D"_blank">http://lists.phillylinux.org/mailman/lis= > > => tinfo/plug</a><br> > > => > </div></div></blockquote></div><br><br > clear=3D"all"><br>-- <br>John > Kreno<= > > => br><br>"Those who would sacrifice > essential liberties for a little tem= > > => porary safety deserve neither liberty nor > safety." - Ben Franklin<br> > > => > > => > > => --0015174be3660059e6047211bbc4-- > > => > > => --===============0328640799== > > => Content-Type: text/plain; > charset="us-ascii" > > => MIME-Version: 1.0 > > => Content-Transfer-Encoding: 7bit > > => Content-Disposition: inline > > => > > => > ___________________________________________________________________________ > > => Philadelphia Linux Users Group -- > http://www.phillylinux.org > > => Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce > > => General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug > > => > > => --===============0328640799==-- > > => > > > > > > > > ___________________________________________________________________________ > > Philadelphia Linux Users Group -- http://www.phillylinux.org > > Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce > > General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug > > > > > -- > John Kreno > > "Those who would sacrifice essential liberties for a > little temporary safety deserve neither liberty nor > safety." - Ben Franklin > > > > > -----Inline Attachment Follows----- > > ___________________________________________________________________________ > Philadelphia Linux Users Group > -- http://www.phillylinux.org > Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce > General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug > ___________________________________________________________________________ Philadelphia Linux Users Group -- http://www.phillylinux.org Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug

Prev by Date: Re: [PLUG] Running a Jabber Server

Next by Date: [PLUG] Pidgin webcam and voice (XMPP/GMail/GTalk) ... Re: SIP SoftPhone Recommendations

Previous by thread: Re: [PLUG] Running a Jabber Server

Next by thread: [PLUG] Pidgin webcam and voice (XMPP/GMail/GTalk) ... Re: SIP SoftPhone Recommendations

Index(es):

Date

Thread