nanog mailing list archives
Re: management interface accessability (was Re: Worm / UDP1434)
From: "E.B. Dreger" <eddy+public+spam () noc everquick net>
Date: Sun, 26 Jan 2003 21:23:01 +0000 (GMT)
RT> Date: Sun, 26 Jan 2003 15:07:41 -0600 (CST) RT> From: Rob Thomas RT> This is yet another reason why I tell folks with firewalls RT> NOT to allow everything from the internal (often mistakenly RT> labelled "trusted") net to the external nets. Too true. However, when a company president gets upset because his kid couldn't play Quake over the network, ports magically begin to open... FWIW, it might be good to clarify the "stateful" remark a bit: Keeping state on all outbound traffic could cause a problem. However, check-state deny udp from any 1434 to any 1434 allow udp from any 1434 to any keep-state deny udp from any to any 1434 works nicely for blocking the worm. Eddy -- Brotsman & Dreger, Inc. - EverQuick Internet Division Bandwidth, consulting, e-commerce, hosting, and network building Phone: +1 (785) 865-5885 Lawrence and [inter]national Phone: +1 (316) 794-8922 Wichita ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Date: Mon, 21 May 2001 11:23:58 +0000 (GMT) From: A Trap <blacklist () brics com> To: blacklist () brics com Subject: Please ignore this portion of my mail signature. These last few lines are a trap for address-harvesting spambots. Do NOT send mail to <blacklist () brics com>, or you are likely to be blocked.
Current thread:
- Re: management interface accessability (was Re: Worm / UDP1434), (continued)
- Re: management interface accessability (was Re: Worm / UDP1434) Johannes Ullrich (Jan 26)
- Re: management interface accessability (was Re: Worm / UDP1434) Rob Thomas (Jan 26)
- Re: management interface accessability (was Re: Worm / UDP1434) Chris Lloyd (Jan 26)
- Re: management interface accessability (was Re: Worm / UDP1434) Stephen J. Wilcox (Jan 26)
- Re: management interface accessability (was Re: Worm / UDP1434) Chris Lloyd (Jan 26)
- Re: management interface accessability (was Re: Worm / UDP1434) Iljitsch van Beijnum (Jan 26)
- Re: management interface accessability (was Re: Worm / UDP1434) Rob Thomas (Jan 26)
- Re: management interface accessability (was Re: Worm / UDP1434) Christopher L. Morrow (Jan 26)
- Re: management interface accessability (was Re: Worm / UDP1434) Rob Thomas (Jan 26)
- Re: management interface accessability (was Re: Worm / UDP1434) Christopher L. Morrow (Jan 26)
- Re: management interface accessability (was Re: Worm / UDP1434) Rob Thomas (Jan 26)
- Re: management interface accessability (was Re: Worm / UDP1434) E.B. Dreger (Jan 26)
- Re: management interface accessability (was Re: Worm / UDP1434) Christopher L. Morrow (Jan 26)
- Re: management interface accessability (was Re: Worm / UDP1434) Johannes Ullrich (Jan 26)
- Re: management interface accessability (was Re: Worm / UDP1434) alex (Jan 27)
- Re: management interface accessability (was Re: Worm / UDP1434) Christopher L. Morrow (Jan 27)