The Watercooler
Thoughts on engineering and the working life.

Of Nimbus, Code Red, and Port Blocking

By Hoang Do
Saturday, January 19, 2002

The Nimbus and Code Red worms have been causing havoc with network providers by causing infected machines to hammer the network with countless messages in the hopes of infecting other machines.  Disturbances in the Internet of this nature have around since Sept 2001. It has only been 3 months since that date but within Internet time, it may as well be forever.  The effects of these malicious pieces of code can be felt within the network of providers by keeping their equipment constantly loaded with activity.  On the consumer end (and most people who have DSL or Cable Modem have already seen it), there is a morass of unsolicited activity that occurs on their modem.  If you have either of these services, you can see the activity lights TX or RX go off 24/7 even though you aren't even using the modem to access the Internet.  The providers, in order to combat this, have decided to block port 80 (the HTTP port which the recent worms utilize).  And in their infinite wisdom they have decided to block 21, 25, 110, as well as other well-known socket ports.  Their thinking is: why not prevent possible future abuse by limiting user usage of the Internet in the first place?  So this begins the war between hackers and service providers.  This will likely go on for some time yet and incur an escalation of costs.  The resulting casualty, the people who are going to pay for this war, are the consumers.  Not only is money going to be an issue, since it is obvious that the providers will pass on their increasing costs to us consumers, but there will also be a growing amount of aggravation in using the Internet.  Already the port blocking headaches have cost me a week in trying to explain to Cox Communications why their doing so is handicapping my usage of the Net.  Are service providers going to be the next Internet government?  Will they say.... you can do this limited thing but not anything else?  Then as a recourse, hide behind the excuse of "hackers"?

Hoang Do
Las Vegas

Comment on this Article