Hi, A couple of weeks ago, I have added the ports mentioned above to the existing list of blocked ports. The additional port blocking is in response to an improvement of last year's "NAT slipstreaming" attack, see footnote [1] for more. Again, we acknowledge that this stops an instance of the attack rather than solving the problem, which will have to happen elsewhere.
This announcement was delayed for the sake of coordinated disclosure with other vendors. Bugs: 1677940 and 1677047 Standard: If all goes well, this will be in fetch <https://github.com/whatwg/fetch/pull/1148> Platform coverage: on all paltforms Preference: We can revert this using the existing network.security.ports.banned.override pref DevTools bug: N/A Other browsers: Blink shipped web-platform-tests: Coming. Thanks, Freddy [1] <https://www.armis.com/resources/iot-security-blog/nat-slipstreaming-v2-0-new-attack-variant-can-expose-all-internal-network-devices-to-the-internet/> _______________________________________________ dev-platform mailing list dev-platform@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-platform
