nanog mailing list archives

Re: Blocking port 135?

From: Sean Donelan <sean () donelan com>
Date: Fri, 1 Aug 2003 14:51:18 -0400 (EDT)


On Fri, 1 Aug 2003, Adi Linden wrote:

http://www.cert.org/advisories/CA-2003-19.html

Would blocking port 135 at the network edge be a prudent preventative
measure?


It depends.

  Do you have a network edge?
  Do you have the resources to block it?
  Do you need it for anything else?
  Have you left other holes open?

In reality blocking port 135 is almost never sufficient.  Its slightly
better than waving a dead chicken over your PC.

Current thread:

Blocking port 135? Adi Linden (Aug 01)
- Re: Blocking port 135? Sean Donelan (Aug 01)
  - Re: Blocking port 135? Christopher L. Morrow (Aug 01)
    - Re: Blocking port 135? bmanning (Aug 01)
    - Re: Blocking port 135? Richard Irving (Aug 01)
    - Re: Blocking port 135? Sean Donelan (Aug 01)
    - Re: Blocking port 135? Jack Bates (Aug 01)
    - Re: Blocking port 135? Christopher L. Morrow (Aug 01)
- RE: Blocking port 135? Bob German (Aug 01)
  - RE: Blocking port 135? Adi Linden (Aug 01)
    - RE: Blocking port 135? Jason Robertson (Aug 01)
  - Re: Blocking port 135? Bruce Pinsky (Aug 01)

(Thread continues...)