[ale] Can't connect to services with DSL connection

Jonathan Rickman jdr at xcorps.net
Sat Jul 31 13:25:50 EDT 2004


> Just another example of the ISP taking charge and making 
> defaults.  And they are forgotten.
> 
> IMHO: Blocking the ports only slow down the spread to other 
> subnets. When Mindspring/Earthlink started blocking I could 
> still send mail to users in my same public WAN subnet.  That 
> is all a worm needs when you have a dynamic IP.  Can make for 
> some interesting browsing too.


Tha Alltel Speedstream 5200 configuration blocks all incoming traffic except
for GRE and only permits outbound HTTP, HTTPS, POP3, IMAP, and SMTP. Since
this is performed at the end user's connection device, it accomplishes
exactly what it was intended to do. While Trey is correct in saying that
they should make it more well known that this is done, your criticism of
their policy is misplaced. Here is an ISP who is doing the right thing, at
the right place, and you are still critical. Had they done nothing at all,
you would probably criticize them for that. They are not blocking traffic,
they are simply sending out a device that is secure by default. You are
still free to change it, as Trey has recently discovered. IMNSHO that is the
way things should be done. But as long as people have opinions, I suppose it
will just be a case of damned if you do, damned if you don't.

As far as I'm concerned, Alltel did it right.

Trey, you can do a number of different things with the little Speedstream
boxes. You should poke around in there a little. You'll find that you can
tweak the settings to your heart's content.

--
Jonathan



More information about the Ale mailing list