Home page logo
/

nanog logo nanog mailing list archives

Re: Blocking port 135?
From: "Stephen Sprunk" <stephen () sprunk org>
Date: Fri, 1 Aug 2003 14:02:21 -0500


Thus spake "Adi Linden" <adil () adis on ca>
http://www.cert.org/advisories/CA-2003-19.html

Would blocking port 135 at the network edge be a prudent preventative
measure?

If you see your job as protecting users from their own ignorance, blocking
135-139 both tcp and udp has been prudent for nearly a decade.  However, not
all providers share that view.

S

Stephen Sprunk         "God does not play dice."  --Albert Einstein
CCIE #3723         "God is an inveterate gambler, and He throws the
K5SSS        dice at every possible opportunity." --Stephen Hawking


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]