[60174] in North American Network Operators' Group
Re: Blocking port 135?
daemon@ATHENA.MIT.EDU (Jason Slagle)
Sat Aug 2 10:11:32 2003
Date: Sat, 2 Aug 2003 10:12:05 -0400 (EDT)
From: Jason Slagle <raistlin@tacorp.net>
To: Bruce Pinsky <bep@whack.org>
Cc: Bob German <bobgerman@irides.com>, nanog@merit.edu
In-Reply-To: <3F2ABFEA.9010606@whack.org>
Errors-To: owner-nanog-outgoing@merit.edu
On Fri, 1 Aug 2003, Bruce Pinsky wrote:
> And filtering 445 in the outbound direction to prevent attacks from the inside
> out is probably prudent as well.
Unfortunatly I've ran into at least 1 rather big example of a company
using 445 for SSL since they wanted to put more then 1 cert on a machine.
In this case it was a check clearing house, and a bank couldn't reach them
because their ISP was filtering their T1.
Jason
--
Jason Slagle - CCNP - CCDP
/"\ . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
\ / ASCII Ribbon Campaign .
X - NO HTML/RTF in e-mail .
/ \ - NO Word docs in e-mail .
