Home page logo
/

nanog logo nanog mailing list archives

Re: Blocking port 135?
From: "Crist Clark" <crist.clark () globalstar com>
Date: Fri, 01 Aug 2003 13:12:07 -0700


Bob German wrote:

Absolutely.  All of the NetBIOS ports: 135, 137, 138, 139, 445.

Although the public exploits floating around (at the moment) attack
135/tcp, 135/udp is also vulnerable...

And for this crowd, I should point out that blocking 135/udp blocks
DCE-RPC which is used rather heavily by HP OpenView by default.

You may hear some shrieks of pain should you chose to block 135/udp.

Oh, and according to the guys who broke the story in the first place,

  http://www.securityfocus.com/archive/1/329918

Port 593/tcp is also potentially problematic.

-----Original Message-----
From: owner-nanog () merit edu [mailto:owner-nanog () merit edu] On Behalf Of
Adi Linden
Sent: Friday, August 01, 2003 2:37 PM
To: nanog () merit edu
Subject: Blocking port 135?

http://www.cert.org/advisories/CA-2003-19.html

Would blocking port 135 at the network edge be a prudent preventative
measure?


-- 
Crist J. Clark                               crist.clark () globalstar com
Globalstar Communications                                (408) 933-4387

The information contained in this e-mail message is confidential,
intended only for the use of the individual or entity named above.
If the reader of this e-mail is not the intended recipient, or the
employee or agent responsible to deliver it to the intended recipient,
you are hereby notified that any review, dissemination, distribution or
copying of this communication is strictly prohibited.  If you have
received this e-mail in error, please contact postmaster () globalstar com


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault