Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: zotob - blocking tcp/445

  • From: Christopher L. Morrow
  • Date: Mon Aug 15 17:30:47 2005


On Mon, 15 Aug 2005, surfer@mauigateway.com wrote:

>
>
> NetBIOS was never meant to be a WAN protocol, so no problem
> in blocking it.

rule #1: do not be the Internet's Firewall
rule #2: see rule #1

a leaf network can make any decisions they want on traffic filtering,
large ISP's should probably not do this as there are invariably people out
there that will want SNMP/ICMP/NetBIOS/SQL-NameService to work over their
WAN link(S).  I recall some 'fun' with this issue on:

1) slammer worm (ms has a developers thingy that REQUIRES 1434 to work
over the internet)
2) welchia/nachi - how can I ping monitor my remote sites?

ymmv.

>
> For example:  grc.com/su-techzone1.htm
>
> scott
>
> ----- Original Message Follows -----
> From: Gadi Evron <ge@linuxbox.org>
> To: nanog list <nanog@merit.edu>
> Subject: zotob - blocking tcp/445
> Date: Mon, 15 Aug 2005 21:51:43 +0200
> > I heard from several different big ISP's that to stop the
> > spread of the  worm they now block tcp/445. I suppose it
> > works.
> >
> >     Gadi.
>




Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.