Earthweb.com Practically Networked Home Earthweb developer.com HardwareCentral earthwebdeveloper CrossNodes Datamation
Welcome to PractiallyNetworked
Product Reviews

 • Routers
 • Hubs/Switches
 • Wireless Gateway
 • Wireless AP
 • Wireless NIC
 • Network Storage
 • Print Servers
 • Bluetooth Adapters
Troubleshooting
& Tutorials

 • Networking
 • Internet Sharing
 • Security
 • Backgrounders
 • Troubleshooting
    Guides

 • PracNet How To's
User Opinions
Practicallynetworked Glossary

 Find a Network Term  
 
Forums
About
Jobs
Home

  Most Popular Tutorials

• Microsoft Vista Home Networking Setup and Options
The most daunting part of upgrading to Windows Vista may be trying to figure out where in the layers of menus the networking and file-sharing options are hidden.

• Do It Yourself: Roll Your Own Network Cables
It may not be something you do everyday, but having the supplies and know-how to whip up a network cable on the spot can be very handy.

• Tips for Securing Your Home Router
Seemingly minor and easily overlooked settings can still have profound security implications. Here are some steps you can take to make sure your wired or wireless home router and by extension, your network is as secure as possible.

  Most Popular Reviews

• Microsoft Windows Home Server
If you have a home network, you'll welcome the easy file sharing, remote access and the image-based backup features of Windows Home Server.

• Iomega StorCenter Network Hard Drive
Iomega's fourth generation StorCenter Network Hard Drive brings many of the features found in higher-end storage devices down to an attractive price.

• MikroTik's The Dude
This free tool delivers many of the same capabilities that you'd find in pricey network monitoring tools. As long as you don't mind tinkering, The Dude is a decent network utility that should be worth the download.



Networking Notes: Open Port 25? Cash or Charge?

Most ISPs are closing port 25 to curb spam zombies. They should turn it into a revenue opportunity and clean up the 'net that much more quickly.

Networking Notes

Just last week, my hometown of Portland, OR, cut the ribbon on its new, free, municipal Wi-Fi network. It's still a work in progress, with just the downtown and a few select neighborhoods covered, but by 2008, the city says we'll have 95 percent coverage.

Portland already has a project designed to provide free wireless in the form of Personal Telco, but I suspect the city-supported network will grow more quickly and prove more comprehensive.

Because one of my hobbies involves wringing my hands and worrying about the security implications of anything that is as easy to connect to as a free, nonsecure wireless network blanketing an entire metropolitan area, I immediately went to the sponsoring company's site and checked out the technical FAQ to see what sort of traffic is and isn't allowed over the city network.

What's That Term?
Not sure what a particular term means? Check out the searchable PracticallyNetworked Glossary.

For starters, the FAQ says VPN traffic is allowed, and that's great. Businesses should hold themselves responsible for the security of their mobile users on open networks. I'd love to be a fly on the wall as local business IT organizations come to grips with a mobile workforce that's suddenly really mobile, not to mention currently unconnected employees who might find themselves accessing company resources over an insecure network simply because they can, or as a backup if their own ISP connection fails.

Another entry in the FAQ points out something I welcome with open arms:

Does MetroFi block Port 25?
Yes, MetroFi does block port 25 to avoid spam and network abuse of the Free wireless network. Web based e-mail can be accessed using the MetroFi free service.

MetroFiUs Premium Service, does not block port 25, and is ad free.

If you need to use Port 25 to send and receive e-mail, sign up for the MetroFi fee based service for $19.95 a month.

Port 25 is the traditional port for unsecured SMTP, the protocol that pushes mail around the Internet. When a computer gets owned by malware and turned into a zombie spam relay, it's spewing its payload over port 25.

A lot of ISPs are already blocking port 25 in an attempt to curb spam. Others are slower to do so, often because they want to provide power users with a full-service connection and the capability to run an SMTP server for their own domain. Some that allow access to port 25 do so with an additional penalty if a user mistakenly allows a computer connected to the ISP to act as a spam relay. I once got a panicked call at 7 a.m. from a friend whose Linux server had been hijacked thanks to an insecure Web feedback form. His ISP was preparing to charge him $200 for a spam incident, with threats to levy more charges if he didn't lock his system down.

Plenty of ISPs just block the connection, though, and it's not uncommon to spot folks on forums and mailing lists complaining about their "stupid ISP" blocking port 25. "It's my connection, I paid for it, I should get full service," goes their reasoning.

As someone who has run his own mail server out of his home, I feel their pain. But I also think the Internet is a commons ... not a gated community with houses built so close together grass can't grow in the two foot strips between McMansions. A privilege a few people have need for has to be weighed against the massive liability presented by broadband-connected users with little experience or motivation when it comes to protecting their computers from malware. And while a $200 fee to clean up a spam incident appeals to my punitive side, it's a threat that has to be about something that means something to the person reading it. Or backed up when the person who didn't understand it goes to court to get out of paying for the many times he allowed his computer to roll over and play zombie for the Russian spam mafia.

Rather than arbitrarily introducing a blanket block on port 25 and calling it a day, more ISPs should consider providing themselves with a new revenue stream in the form of selling access to a completely open connection. Some do a variation on this in the form of charging more for static IPs, which discourage a lot of users from running potentially dangerous services unless they also know about services like DynDNS. That's not enough, though, when the real problem is the people who don't even realize they're running a spam relay that doesn't care if it's operating from a dynamic IP.

A small fee would force people to consider whether they wanted to pay it at all (most wouldn't since they wouldn't need the service it provided), and it would remunerate ISPs for maintaining an added layer of complexity on their networks (however slight) for users who insist on running services on consumer-grade connections. And, let's face it, it'd provide some remuneration for the smart-but-not-smart-enough home networkers who accidentally leave their SMTP servers open despite the great advice they get from sites like Practically Networked.

Yes, it's their connection and they're paying for it; but it's our Internet and we need to maintain it better.


Add to del.icio.us | DiggThis


For more help, don't forget to try one of our PracticallyNetworked Forums.



Earthwebnews.com Earthweb developer.com HardwareCentral earthwebdeveloper CrossNodes Datamation


Home | Networking | Backgrounders | Internet Sharing | Security | HowTo | Troubleshooting | Reviews | News | About | Jobs | Tools | Forums