[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: R41 in draft-ietf-v6ops-cpe-simple-security-07

To: Iljitsch van Beijnum <iljitsch@muada.com>
Subject: Re: R41 in draft-ietf-v6ops-cpe-simple-security-07
From: Mohacsi Janos <mohacsi@niif.hu>
Date: Wed, 29 Jul 2009 09:29:07 +0200 (CEST)
Cc: Yaron Sheffer <yaronf@checkpoint.com>, james woodyatt <jhw@apple.com>, IPv6 Operations <v6ops@ops.ietf.org>
In-reply-to: <6F2D2674-8DC6-4B8B-9A8D-E9D28789A0A2@muada.com>
References: <20090727184501.933F83A6CE4@core3.amsl.com> <56A1905B-54B8-43AA-9AC4-55F46C2FC4B0@apple.com> <029CBD08-5A79-44C2-8490-E63AF783E3B7@muada.com> <7F9A6D26EB51614FBF9F81C0DA4CFEC80133E557C9BA@il-ex01.ad.checkpoint.com> <CA300806-CBF4-4210-B320-A7065E86E116@muada.com> <alpine.BSF.2.00.0907281919160.19142@mignon.ki.iif.hu> <6F2D2674-8DC6-4B8B-9A8D-E9D28789A0A2@muada.com>
User-agent: Alpine 2.00 (BSF 1167 2008-08-23)




On Tue, 28 Jul 2009, Iljitsch van Beijnum wrote:

Anyway the bots are preferring some exotic port numbers or portnumber thatis usually not firewalled: 80 and 443.
If a bot wants to receive incoming traffic on those ports it would have tosignal the CPE that it wants to be de-firewalled for those ports.
(Not that malware spreads by listening on those ports, listening on ports is_so_ 2003.)

Yes we are talking the same. Bots are usually dropped to compromisedwebservers to provide spreading points

	Best Regards,
		Janos

References:
- I-D Action:draft-ietf-v6ops-cpe-simple-security-07.txt
  - From: Internet-Drafts@ietf.org
- R41 in draft-ietf-v6ops-cpe-simple-security-07
  - From: james woodyatt <jhw@apple.com>
- Re: R41 in draft-ietf-v6ops-cpe-simple-security-07
  - From: Iljitsch van Beijnum <iljitsch@muada.com>
- RE: R41 in draft-ietf-v6ops-cpe-simple-security-07
  - From: Yaron Sheffer <yaronf@checkpoint.com>
- Re: R41 in draft-ietf-v6ops-cpe-simple-security-07
  - From: Iljitsch van Beijnum <iljitsch@muada.com>
- Re: R41 in draft-ietf-v6ops-cpe-simple-security-07
  - From: Mohacsi Janos <mohacsi@niif.hu>
- Re: R41 in draft-ietf-v6ops-cpe-simple-security-07
  - From: Iljitsch van Beijnum <iljitsch@muada.com>

Prev by Date: Fwd: Simple Security - Layered Filtering should be in the document
Next by Date: Re: Fwd: Simple Security - Layered Filtering should be in the document
Previous by thread: Re: R41 in draft-ietf-v6ops-cpe-simple-security-07
Next by thread: Re: R41 in draft-ietf-v6ops-cpe-simple-security-07
Index(es):
- Date
- Thread