Full Disclosure mailing list archives
Re: SQL Slammer - lessons learned
From: David LaPorte <david_laporte () harvard edu>
Date: Wed, 5 Feb 2003 13:02:26 -0500
> 135-139/TCP/UDP to be open to the Internet? How about port 445/UDP?

That should read 445/TCP

> No, you wouldn't, because DNS servers talk on port 53, and they wouldn't
> negotiate port 1434 because it's reserved for SQL.

By blocking 1434/UDP you run the risk of blocking a small number of DNS queries. Anything above 1023 is fair game.

David

On Wednesday 05 February 2003 10:38, Paul Schmehl wrote:
> On Wed, 2003-02-05 at 06:55, John.Airey () rnib org uk wrote:
> > How the ports are managed by the ISPs is up to them. We have a managed
> > router where we block everything we can without breaking legitimate
> > access. However, not having a practical option to block certain ports
> > is a problem. My point was on the allocation and use by TCP/IP stacks.
>
> Can you think of a legitimate reason why ISPs should allow ports
> 135-139/TCP/UDP to be open to the Internet? How about port 445/UDP?
> Many ISPs now block port 25/TCP (for obvious reasons.) Why not other
> service ports? What about the ISPs whose policy it is to not allow
> customers to run servers? Why should they allow any traffic at all from
> the service ports?
>
> > Sure, you can block 1434 udp inbound, but what if your DNS server (that
> > doesn't run SQL server) picks that port randomly for incoming data from
> > other DNS servers? You'll get failures when you shouldn't.
>
> No, you wouldn't, because DNS servers talk on port 53, and they wouldn't
> negotiate port 1434 because it's reserved for SQL.
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
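
The collision discussed in this message, as an added example that is not part of the original post: a static inbound block on 1434/UDP also drops a DNS reply when the resolver happened to send its query from source port 1434. The packet model, the addresses, the uniform port choice and the stateful variant are assumptions made for illustration.

```python
from dataclasses import dataclass

SLAMMER_PORT = 1434               # UDP port the thread proposes to block
EPHEMERAL = range(1024, 65536)    # "anything above 1023 is fair game"

@dataclass(frozen=True)
class Packet:
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int
    inbound: bool

def stateless_filter(pkt):
    """Static ACL: drop every inbound UDP datagram addressed to port 1434."""
    return not (pkt.inbound and pkt.dst_port == SLAMMER_PORT)

class StatefulFilter:
    """Same block, but replies to flows opened from inside are let back in."""
    def __init__(self):
        self.flows = set()

    def allow(self, pkt):
        if not pkt.inbound:
            # Remember the outbound flow so its reply can be matched later.
            self.flows.add((pkt.src_ip, pkt.src_port, pkt.dst_ip, pkt.dst_port))
            return True
        if (pkt.dst_ip, pkt.dst_port, pkt.src_ip, pkt.src_port) in self.flows:
            return True
        return stateless_filter(pkt)

def collision_odds():
    """Chance that a uniformly chosen ephemeral source port is 1434 (assumed model)."""
    return 1 / len(EPHEMERAL)

# Constructed sample traffic using documentation addresses (RFC 5737).
RESOLVER, AUTH_NS, STRANGER = "192.0.2.10", "198.51.100.53", "203.0.113.7"
query = Packet(RESOLVER, 1434, AUTH_NS, 53, inbound=False)
reply = Packet(AUTH_NS, 53, RESOLVER, 1434, inbound=True)
unsolicited = Packet(STRANGER, 4000, RESOLVER, 1434, inbound=True)

def run():
    """Return the allow/drop verdict of each filter for the reply and the stray packet."""
    fw = StatefulFilter()
    fw.allow(query)
    return {"stateless_reply": stateless_filter(reply),
            "stateless_unsolicited": stateless_filter(unsolicited),
            "stateful_reply": fw.allow(reply),
            "stateful_unsolicited": fw.allow(unsolicited)}
```
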