
Re: is udp port 1434 now useless?



At Sat, 25 Jan 2003 21:34:32 -0500, Steve Bellovin wrote:
> 
> In order to stop the spread of SQL.Slammer, many ISPs and end-users 
> installed filters to block all traffic to UDP port 1434.  I wonder if 
> those will ever go away.  We still see Code Red attacks; I wonder if 
> this will die off faster.  When will people remove their filters?  If 
> they don't, random UDP-based apps are going to fail at random times 
> when they just happen to bind to local port 1434.  That might be a very
> strange failure mode indeed.

Not the first such example.  E.g., I've been blocking UDP port 2049
(NFS) for at least five years now, and yes, that does occasionally
drop DNS or NTP from clients that happen to pick that local port.

If this kind of thing becomes sufficiently widespread, retrying with a
different local UDP port may have to become yet another thing that all
robust software has to try, which in turn will increase the pressure
to use ridiculously short timeouts (see my standard rant about the
decreasing patience of DNS resolvers over the last 15 years).
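The retry-with-a-different-local-port behaviour the reply describes, as an added example that is not code from this thread: a Python UDP client that opens a fresh socket (hence a fresh ephemeral source port) on every timeout and refuses ports known to be blanket-filtered, plus a loopback echo server standing in for the filtering ISP. The port set and the drop-the-first-datagram simulation are constructed assumptions for the demo.

```python
import socket
import threading

# Ports the thread says are blanket-filtered (constructed from the message).
# A client whose kernel picks one as its *source* port never sees the reply.
FILTERED_PORTS = {1434, 2049}   # MS-SQL monitor (Slammer), NFS

def open_udp_socket(avoid=FILTERED_PORTS, attempts=16):
    """Return a UDP socket on a fresh ephemeral port that is not in `avoid`.
    A bound UDP socket cannot be rebound, so each attempt opens a new one."""
    for _ in range(attempts):
        s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
        s.bind(("127.0.0.1", 0))            # port 0: kernel picks an ephemeral port
        if s.getsockname()[1] not in avoid:
            return s
        s.close()                           # landed on a filtered port; try again
    raise OSError("no unfiltered ephemeral port after %d attempts" % attempts)

def query_with_retry(server, payload, tries=3, timeout=0.5):
    """Send `payload` and wait for a reply.  On timeout, open a new socket
    (hence a new source port) and resend.  Returns (reply, attempts_used)."""
    for attempt in range(1, tries + 1):
        with open_udp_socket() as s:
            s.settimeout(timeout)
            s.sendto(payload, server)
            try:
                reply, _ = s.recvfrom(4096)
                return reply, attempt
            except socket.timeout:
                continue                    # treat silence as a filtered path
    raise TimeoutError("no reply after %d attempts" % tries)

def start_filtering_echo(drop_first=0, drop_ports=FILTERED_PORTS):
    """Loopback echo server standing in for an ISP filter: silently drops the
    first `drop_first` datagrams and any whose source port is in `drop_ports`."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    srv.bind(("127.0.0.1", 0))
    seen = [0]                              # datagram counter shared with thread

    def serve():
        while True:
            data, peer = srv.recvfrom(4096)
            seen[0] += 1
            if seen[0] <= drop_first or peer[1] in drop_ports:
                continue                    # filtered: no reply, no ICMP error
            srv.sendto(data, peer)

    threading.Thread(target=serve, daemon=True).start()
    return srv.getsockname()
```

With `drop_first=1`, the first query times out and the second, sent from a new source port, is answered; the same client logic is what would rescue a real DNS or NTP query that happened to land on a filtered port.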