[80778] in North American Network Operators' Group
Re: Blocking port udp/tcp 1433/1434
daemon@ATHENA.MIT.EDU (Jon Lewis)
Wed May 11 18:24:59 2005
Date: Wed, 11 May 2005 18:22:26 -0400 (EDT)
From: Jon Lewis <jlewis@lewis.org>
To: MARLON BORBA <MBORBA@trf3.gov.br>
Cc: nanog@nanog.org
In-Reply-To: <s28201b5.067@server-trf-web.trf3.gov.br>
Errors-To: owner-nanog@merit.edu
On Wed, 11 May 2005, MARLON BORBA wrote:
>
> <evil grin>
> if you are sure there are no more infected machines out there...
> </evil grin>

There will always be infected machines out there. The question is, are
there infectable machines on your network, and will your network contain
them or melt down if you allow them to get infected?

SQL Slammer must have been a huge money maker for Cisco and other switch
vendors (any that support per-port rate-limiting or policing) as networks
scrambled to upgrade infrastructure to contain the next similar outbreak
rather than melt under the load.

----------------------------------------------------------------------
Jon Lewis | I route
Senior Network Engineer | therefore you are
Atlantic Net |
_________ http://www.lewis.org/~jlewis/pgp for PGP public key_________