Full Disclosure mailing list archives
Re: Learn from history?
From: Ondrej Krajicek <krajicek () ics muni cz>
Date: Thu, 6 May 2004 12:27:48 +0200
Not quite. Anyone here using IPSEC filter group policies to block the ports that Sasser uses to propagate? Obviously you can't block 445 without causing significant issues, but you can block the ports Sasser uses to transfer itself (5554 & 9996). Anyone here using IPSEC Filter Group Policies at all?
Anyone? I'am really curious if someone dares to use this for production-level security. With no logs, you must rely on pen-testing to make sure it works. Beside the burden of hacking of your own _production_ box, as always with group policy, you never know when it stops to work. Just my $0.02... Ondra Krajicek +>>>-----------------------------------------------------------------+ |Ondrej Krajicek (-KO| |Institute of Computer Science, Masaryk University Brno, CR | |http://isildur.ics.muni.cz/~ondra krajicek () ics muni cz| +--------------------------------------------------------------------+ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Learn from history? Lennart Damm (May 05)
- RE: Learn from history? Alerta Redsegura (May 05)
- Re: Learn from history? Valdis . Kletnieks (May 05)
- <Possible follow-ups>
- RE: Learn from history? Serge van Ginderachter (svgn) (May 05)
- RE: Learn from history? Alerta Redsegura (May 05)
- RE: Learn from history? full-disclosure (May 05)
- RE: Learn from history? Stuart Fox (DSL AK) (May 05)
- RE: Learn from history? Alerta Redsegura (May 05)
- RE: Learn from history? Stuart Fox (DSL AK) (May 05)
- Re: Learn from history? Ondrej Krajicek (May 06)
- RE: Learn from history? Serge van Ginderachter (svgn) (May 06)
- RE: Learn from history? Alerta Redsegura (May 06)
- RE: Learn from history? Ferris, Robin (May 06)
- RE: Learn from history? Alerta Redsegura (May 06)
- RE: Learn from history? Steve Bremer (May 06)
- RE: Learn from history? Serge van Ginderachter (svgn) (May 06)
- RE: Learn from history? full-disclosure (May 06)
- RE: Learn from history? Serge van Ginderachter (svgn) (May 06)
- RE: Learn from history? Serge van Ginderachter (svgn) (May 06)
- RE: Learn from history? Ng, Kenneth (US) (May 10)
(Thread continues...)