| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: joey2cool at yahoo.com (Joey) Subject: Cox is blocking port 135 - off topic cox does block port 445 also, but i havent seen any exploits that use that port. even though its said that port 445 is vulnerable, where is the POC? --- Kurt Seifried <listuser@...fried.org> wrote: > Off topic: > > This won't help much at all. Windows 2000/XP run > Microsoft SMB over TCP on > 445 as well (reduced overhead then 135/etc, no > NetBIOS layer). When a client > tries to connect to a remote host for file/print > sharing/etc it connects on > both ports 135 and 445, if a response is recieved > from port 445 it drops the > connection to 135. THe attack works quite well > against client systems using > port 445. If Cox blocks both ports 135 and 445 that > will be semi-effective > (except of course for internal users who spread a > worm/etc, such as laptops > that move around). THis may block a few of the more > stupid attacks but not > for long. > > Kurt Seifried, kurt@...fried.org > A15B BEE5 B391 B9AD B0EF > AEB0 AD63 0B4E AD56 E574 > http://seifried.org/security/ > __________________________________ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com
Powered by blists - more mailing lists