Blocking port 135?

Crist Clark crist.clark at globalstar.com
Fri Aug 1 20:12:07 UTC 2003


Bob German wrote:
> 
> Absolutely.  All of the NetBIOS ports: 135, 137, 138, 139, 445.

Although the public exploits floating around (at the moment) attack
135/tcp, 135/udp is also vulnerable...

And for this crowd, I should point out that blocking 135/udp blocks
DCE-RPC which is used rather heavily by HP OpenView by default.

You may hear some shrieks of pain should you chose to block 135/udp.

Oh, and according to the guys who broke the story in the first place,

  http://www.securityfocus.com/archive/1/329918

Port 593/tcp is also potentially problematic.

> -----Original Message-----
> From: owner-nanog at merit.edu [mailto:owner-nanog at merit.edu] On Behalf Of
> Adi Linden
> Sent: Friday, August 01, 2003 2:37 PM
> To: nanog at merit.edu
> Subject: Blocking port 135?
> 
> http://www.cert.org/advisories/CA-2003-19.html
> 
> Would blocking port 135 at the network edge be a prudent preventative
> measure?


-- 
Crist J. Clark                               crist.clark at globalstar.com
Globalstar Communications                                (408) 933-4387

The information contained in this e-mail message is confidential,
intended only for the use of the individual or entity named above.
If the reader of this e-mail is not the intended recipient, or the
employee or agent responsible to deliver it to the intended recipient,
you are hereby notified that any review, dissemination, distribution or
copying of this communication is strictly prohibited.  If you have
received this e-mail in error, please contact postmaster at globalstar.com



More information about the NANOG mailing list