Firewall Wizards mailing list archives
Re: Blocking MS Blaster
From: Martin Peikert <lists () nolog org>
Date: Fri, 15 Aug 2003 16:19:32 +0200
arnaud DUPUIS wrote:
${FW} -A inet-lan -p tcp -m multiport --dports 135,137,139,445,593,69,4444 -j DROP ${FW} -A inet-lan -p udp -m multiport --dports 135,137,139,445,593,69,4444 -j DROP ${FW} -A lan-inet -p tcp -m multiport --dports 135,137,139,445,593,69,4444 -j DROP ${FW} -A lan-inet -p udp -m multiport --dports 135,137,139,445,593,69,4444 -j DROP
If your firewall is set to be the default gw in your lan, I would add such rules for lan-lan too. Laptops connected to the internet elsewhere and then attached to your lan could possibly infect your lan...
GTi _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Blocking MS Blaster arnaud DUPUIS (Aug 15)
- Re: Blocking MS Blaster Martin Peikert (Aug 18)
- Re: Blocking MS Blaster Martin Peikert (Aug 18)
- <Possible follow-ups>
- RE: Blocking MS Blaster Dave Killion (Aug 15)
- RE: Blocking MS Blaster --> filter outbound access Frank Knobbe (Aug 17)
- Re: Blocking MS Blaster Martin Peikert (Aug 18)