Blocking port 135?

Justin Shore listuser at numbnuts.net
Sun Aug 3 23:17:26 UTC 2003


On Fri, 1 Aug 2003, Crist Clark wrote:

> And for this crowd, I should point out that blocking 135/udp blocks
> DCE-RPC which is used rather heavily by HP OpenView by default.
> 
> You may hear some shrieks of pain should you chose to block 135/udp.

I bidirectionally blocked all NetBIOS ports (tcp and udp) a long time back
and have yet to have any problems.  In fact I have blocked every single
port that's unique to a Microsoft product including the MS SQL ports.  I
haven't seen any downside to doing that.  I also block all Apple AFP ports
for the same reasons.  For that matter SunRPC is also blocked.  Basically
I weeded out all the ports that have major security issues and no valid
use for my users.  Now I'm not a backbone provider but for my many users
we have experienced no problems and have avoided numerous security issues
because of it.  A little preventative maintenance can go a long way.

My $.02
 Justin




More information about the NANOG mailing list