lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <001201c3381e$96e12e20$53c287d4@idunno.org>
From: barryd at idunno.org (Barry Dorrans)
Subject: RE: Windows Messenger Popup Spam on UDP Port 1026

> Due to widespread abuse, many ISPs have moved to block
> inbound traffic on UDP port 135. It appears the spammers have adapted,
> so ISPs are urged to block UDP port 1026 inbound as well.


Why is it up to an ISP to block traffic?

I've "suffered" at the hands of an over active ISP who decided to block all
SQL traffic in and out of a data centre, with no warning or no email
informing me of the fact afterwards. 3 days of trying to debug why the heck
services were failing the ISP finally informs me of their over zealous
response.

As an aside, isn't UDP 1026 is generally accepted to be part of LSA/AD
Authenication? Has anyone else been able to reproduce this?


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ