Home page logo
/

nanog logo nanog mailing list archives

Re: Blocking port 135?
From: Jared Mauch <jared () puck Nether net>
Date: Fri, 1 Aug 2003 14:50:49 -0400


On Fri, Aug 01, 2003 at 01:37:21PM -0500, Adi Linden wrote:
http://www.cert.org/advisories/CA-2003-19.html

Would blocking port 135 at the network edge be a prudent preventative 
measure?

        I've blocked these ports on my home network for
some time, just for insurance reasons to make sure that I
don't accidentally have something "bad" happen.

        I don't think you will see providers doing widescale filtering
ala the ms-sql slammer situation though.

        I've actually been considering the ethics of sending
winpopup "spam" to send people to the windows update website.

        I think that the most important thing to do is to remind
users to (and how to) download all the latest patches
for their system.  And that it's worth the download time and effort.

        This is something that the lurking reporters can do for the good
of the internet, encourage your readers to visit 
windowsupdate.microsoft.com.  If your website does pop-up ads,
consider windowsupdate.microsoft.com in your rotation :)

        - Jared



-- 
Jared Mauch  | pgp key available via finger from jared () puck nether net
clue++;      | http://puck.nether.net/~jared/  My statements are only mine.


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]