North American Network Operators Group|
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
Re: zotob - blocking tcp/445
- From: Christopher L. Morrow
- Date: Mon Aug 15 17:30:47 2005
On Mon, 15 Aug 2005, firstname.lastname@example.org wrote:
> NetBIOS was never meant to be a WAN protocol, so no problem
> in blocking it.
rule #1: do not be the Internet's Firewall
rule #2: see rule #1
a leaf network can make any decisions they want on traffic filtering,
large ISP's should probably not do this as there are invariably people out
there that will want SNMP/ICMP/NetBIOS/SQL-NameService to work over their
WAN link(S). I recall some 'fun' with this issue on:
1) slammer worm (ms has a developers thingy that REQUIRES 1434 to work
over the internet)
2) welchia/nachi - how can I ping monitor my remote sites?
> For example: grc.com/su-techzone1.htm
> ----- Original Message Follows -----
> From: Gadi Evron <email@example.com>
> To: nanog list <firstname.lastname@example.org>
> Subject: zotob - blocking tcp/445
> Date: Mon, 15 Aug 2005 21:51:43 +0200
> > I heard from several different big ISP's that to stop the
> > spread of the worm they now block tcp/445. I suppose it
> > works.
> > Gadi.