nanog mailing list archives
Re: Port 445 issues (was: Port 80 Issues)
From: "james" <hackerwacker () cybermesa com>
Date: Sun, 9 Mar 2003 16:15:26 -0700
So far the Deloder worm appears to be responding to normal congestion feedback controls, limiting its network impact. Like CodeRed, Nimda, etc some edge providers may need to implement network controls due to scanning activities causing cache busting, but I suspect most network backbones will not need to do anything.
I agree this is not a backbone issue. Since we are an ISP and at the edge, it is a good place to drop this. Traffic is not as large, as of yet, as the SQL worm. Blocking port 445, for us, means far less $$ in support time to deal with abuse reports and infected users.
Current thread:
- Port 80 Issues John Murphy (Mar 08)
- Re: Port 80 Issues Richard A Steenbergen (Mar 08)
- Port 445 issues (was: Port 80 Issues) Johannes Ullrich (Mar 09)
- Re: Port 445 issues (was: Port 80 Issues) james (Mar 09)
- Re: Port 445 issues (was: Port 80 Issues) Jonathan Claybaugh (Mar 09)
- Re: Port 445 issues (was: Port 80 Issues) Johannes Ullrich (Mar 09)
- Re: Port 445 issues (was: Port 80 Issues) james (Mar 09)
- Re: Port 445 issues (was: Port 80 Issues) Sean Donelan (Mar 09)
- Re: Port 445 issues (was: Port 80 Issues) Jack Bates (Mar 09)
- Re: Port 445 issues (was: Port 80 Issues) james (Mar 09)
- Re: Port 445 issues (was: Port 80 Issues) Vadim Antonov (Mar 10)
- Re: Port 445 issues (was: Port 80 Issues) james (Mar 09)
- <Possible follow-ups>
- Re: Port 80 Issues John Murphy (Mar 08)
- Re: Port 80 Issues John Murphy (Mar 08)
- Re: Port 80 Issues Sean Donelan (Mar 08)
- Re: Port 80 Issues John Murphy (Mar 08)