Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

ISPs are asked to block yet another port

  • From: Sean Donelan
  • Date: Mon Jun 23 02:01:21 2003

http://www.lurhq.com/popup_spam.html

"LURHQ Corporation has observed traffic to large blocks of IP addresses on
udp port 1026. This traffic started around June 18, 2003 and has been
constant since that time. LURHQ analysts have determined that the source
of the traffic is spammers who have discovered that the Windows Messenger
service listens for connections on port 1026 as well as the more
widely-known port 135. Windows Messenger has been a target for spammers
since late last year, because it allows anonymous pop-up messages to be
displayed on any Windows system running the messenger service. Due to
widespread abuse, many ISPs have moved to block inbound traffic on udp
port 135. It appears the spammers have adapted, so ISPs are urged to block
udp port 1026 inbound as well."


How many ports should ISPs block?  People still buy and connect insecure
computers to the net.






Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.