[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <1429.68.53.52.152.1060556112.squirrel@redrazor.net>
From: pdt at jackhammer.org (pdt@...khammer.org)
Subject: Cox is blocking port 135 - off topic
If they do it like Comcast has it implemented even clients on the same
cable router can't speak on the "windows" ports to each other. Last I
checked they were blocking 137-139 and have been for some time.
> Off topic:
>
> This won't help much at all. Windows 2000/XP run Microsoft SMB over TCP on
> 445 as well (reduced overhead then 135/etc, no NetBIOS layer). When a
> client
> tries to connect to a remote host for file/print sharing/etc it connects
> on
> both ports 135 and 445, if a response is recieved from port 445 it drops
> the
> connection to 135. THe attack works quite well against client systems
> using
> port 445. If Cox blocks both ports 135 and 445 that will be semi-effective
> (except of course for internal users who spread a worm/etc, such as
> laptops
> that move around). THis may block a few of the more stupid attacks but not
> for long.
>
> Kurt Seifried, kurt@...fried.org
> A15B BEE5 B391 B9AD B0EF
> AEB0 AD63 0B4E AD56 E574
> http://seifried.org/security/
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
>
Powered by blists - more mailing lists