[60170] in North American Network Operators' Group
RE: Blocking port 135?
daemon@ATHENA.MIT.EDU (Chris Johnston)
Sat Aug 2 00:32:01 2003
From: "Chris Johnston" <chris@routerguy.com>
To: "'Adi Linden'" <adil@adis.on.ca>, <nanog@merit.edu>
Date: Fri, 1 Aug 2003 21:29:45 -0700
In-Reply-To: <Pine.LNX.4.44.0308011335310.30966-100000@adibox.knet.ca>
Errors-To: owner-nanog-outgoing@merit.edu
IMHO, If it's for my own network, yes. Block it.
If you are ISP'ing for it, you shouldn't need netbios related stuff on
your own servers and they should be protected anyway. However, it
should be passed along to your customers in case they are foolish enough
to have to expose MS related services anyway.
Chris Johnston
714-306-5746
949-653-8819 (fax)
Cannot find REALITY.SYS. Universe halted.
-------------------------------------------------------------------
-----Original Message-----
From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu] On Behalf Of
Adi Linden
Sent: Friday, August 01, 2003 11:37 AM
To: nanog@merit.edu
Subject: Blocking port 135?
http://www.cert.org/advisories/CA-2003-19.html
Would blocking port 135 at the network edge be a prudent preventative
measure?
