Offering regional and national programs, CIO (and CSO) events bring together some of the most respected names and thought leaders in information technology and security. Presented by CIOs and other senior level executives, these invitation-only programs offer timely topics and strong networking. Learn More »
Public Teleconferences
Join CIO Executive Council members and participate in the following live one-hour teleconferences:
* Transforming IT Teams
September 16
* Global CIOs: How to Lead on the World Stage
September 18
* Social Responsibility's Strategic Benefits
October 29
Apply today for a FREE subscription to CIO Magazine!
November 01, 2005 — CIO —
Among the ISPs that offer security, many of them attempt to do so by blocking traffic through Port 25, the server port used for simple mail transfer protocol (SMTP) transmissions. This practice prevents e-mail from in-network computers from going to any other mail servers on the Internet unless the mail first goes through central ISP mail servers or a mail server that has been added to an exception list.
Dave Jevans, chairman of the Anti-Phishing Working Group(www.antiphishing.org), says the method is widely considered to be a best practice for detecting and preventing spam and phishing senders on ISP networks. Many of these senders are zombies (also know as bots), which are often also used for DDoS attacks. Yet this method of blocking is not common practice in the ISP industry today.
Some ISPs, including SBC, EarthLink and midsize ISP Jumpline.com, also block inbound traffic through Port 25 as well. Tripp Cox, CTO at EarthLink, claims this less-common tactic is done to prevent infected computers from becoming part of a botnet, which is used to send spam and infect other computers to spread destruction.
To make sure all mail servers are legitimate, EarthLink and others force users to upgrade to a more substantive business account for the privilege of running SMTP servers from inside the network. ISPs say this helps them keep inadvertent open mail relays to a minimum, further reducing the risk of a spam zombie attack.
"Blocking Port 25 is the first step toward stopping DDoS attacks as a whole," says Cox. "It’s the very least an ISP can do behind the scenes to make the connection more secure." –M.V.
© 2008 CXO Media Inc.
The Latest Advancements in SSL Technology
Getting in Compliance with Government Data Regulations by Leveraging Online Security Technology
How to Offer the Strongest SSL Encryption
The Hydra and the Onion: A Multi-Layered Security Model for Today's Dynamic IT Threat Environment
Data Loss Prevention Starts at the Endpoint: Seeking Safety from the Data Loss Pandemic
Solving Online Credit Fraud Using Device Reputation
Rethinking the Corporate Help Desk: Learn how to deliver anywhere, anytime incident response
Building Competitive Advantage with Next-Generation Wireless Infrastructure
Find out what Forrester says about mobile endpoint security and its management.
Get Forrester's take on simplifying mobility with the universal wireless client.
Advanced DNS and Traffic Management Solutions: The Keys to Enhancing and Securing your Enterprise Network
Solutions to the Toughest IT Challenges in Remote Offices
Resource Alerts
Get instant email notifications by topic when white papers, webcasts, and case studies are added to our library.
Analysts: Google Spreading Itself Too Thin
At 10, Google Reiterates Commitment to CIOs
Nokia Adds Address, Calendar Sync to Ovi
Oracle Said to Be Making Progress on Fusion Apps
Libertarian Barr, EPIC Outline Privacy Agenda
As Google Turns 10, Enterprise Success in Question
Innovative Thinking Gets a Kick in the Pants
Disk Storage Drove Ahead in Q2
MySQL Cofounder May Resign
VMware Virtual Servers Get 5X Faster Shadow Copy With V2 of Vreeam Backup
Just the basics, please. Sometimes we all need a refresher or we need to make sure our team and our colleagues are all on the same page.
Over 25 tutorials on everything from business intelligence to virtualization.
