We now block some internet ports for your protection
That got your attention. No, we aren’t evil; just the opposite, we are improving your internet experience. Most Netgear routers have a DOS Attack logging feature as part of their “advanced” protection. When the router properly detects and discards a packet on the Internet side, it jumps up and down, logging the event in a non-volatile buffer. As a result, the logging action actually slows down your internet and you experience “glitches” or “slowdowns.” It isn’t our service, but the router.
To combat this, we are now dropping packets at the edge of Kitsap County that are destined for your home and addressed to the ports listed below. None of these ports should normally be used on an internet connection. By keeping the “useless/harmful” packets off of the Net253 network, we ensure more of your bandwidth is available for the information you actually want.
If you feel negatively impacted by this, drop me a line. I am willing to listen. In the time it took me to compose this post we have blocked over 5,000 packets that would have hit various homes on our network. Two days later, we have blocked over two million packets that were targeting customers inside Kitsap.
In November/December (up to the 21st) we blocked 19 million bad packets, representing 1 gigabyte of malicious traffic heading into Kitsap.
Here is the port list:
19 - Chargen port (for testing teletypes); is only used for DOS attacks these days.
67 - DHCP, it is also used for DOS attacks
135 - Windows RPC - Swiss cheese is more secure than this legacy Microsoft protocol.
135-139 - NetBIOS - Total WORM/virus bait, remember Blaster back in Win95 days?
161 - SNMP - This should not go over open internet - DOS/Trojans
445 - Microsoft-DS - Another Swiss cheese Microsoft protocol that is abused
1900 - SSDP - Simple Service Discovery Protocol, DDOS bait
10001 - Ubiquiti Discovery exploit - We have been burned by this one in the past.
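To see how a tally like the packet and byte counts above can be produced from the port list, here is an added example (not Net253's own tooling) that classifies inbound log lines by destination port. The log format, the sample lines and the function names are constructed for illustration.

```python
import re
from collections import Counter

# Port list as published above: (low, high, label). Port 135 appears twice on
# the page (RPC, and the 135-139 NetBIOS range); the first match wins here.
BLOCKED = [
    (19, 19, "Chargen"), (67, 67, "DHCP"),
    (135, 135, "Windows RPC"), (135, 139, "NetBIOS"),
    (161, 161, "SNMP"), (445, 445, "Microsoft-DS"),
    (1900, 1900, "SSDP"), (10001, 10001, "Ubiquiti Discovery"),
]

# Constructed log format (an assumption, not any real router's output):
#   <timestamp> IN dst=<ip> dpt=<port> len=<bytes>
LINE = re.compile(r"\bdpt=(\d+)\s+len=(\d+)\b")

SAMPLE = [  # constructed sample input, documentation-range addresses
    "2024-01-01T00:00:01 IN dst=203.0.113.10 dpt=1900 len=120",
    "2024-01-01T00:00:02 IN dst=203.0.113.10 dpt=443 len=1500",
    "2024-01-01T00:00:03 IN dst=203.0.113.11 dpt=137 len=78",
    "2024-01-01T00:00:04 IN dst=203.0.113.11 dpt=135 len=60",
    "2024-01-01T00:00:05 IN dst=203.0.113.12 dpt=1900 len=130",
    "truncated line with no port field",
    "2024-01-01T00:00:06 IN dst=203.0.113.12 dpt=10001 len=56",
]

def label_for(port):
    """Return the block-list label for a destination port, or None."""
    for low, high, label in BLOCKED:
        if low <= port <= high:
            return label
    return None

def tally(lines):
    """Count packets and bytes per blocked label; skip malformed lines."""
    packets, octets = Counter(), Counter()
    for line in lines:
        m = LINE.search(line)
        if not m:
            continue
        port, length = int(m.group(1)), int(m.group(2))
        label = label_for(port) if port <= 65535 else None
        if label:
            packets[label] += 1
            octets[label] += length
    return packets, octets

if __name__ == "__main__":
    print(tally(SAMPLE))
```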