Full Disclosure mailing list archives
RE: SQL Slammer - lessons learned
From: "Schmehl, Paul L" <pauls () utdallas edu>
Date: Sun, 9 Feb 2003 13:36:40 -0600
All this is well and good, but I have a really hard time understanding why we need to route insecure networking protocols such as NetBIOS, CIFS, NFS or NIS across the Internet. Just closing those ports would do a world of good for the Internet as a whole, and who in the world would it hurt? If you really seriously need to mount drives from a remote network, you can do it through a secure tunnel (SSH, VPN), which would not be blocked by blocking those ports. If the Internet is going to survive in any viable fashion, we have to come to our senses when it comes to allowable services. The uncontrolled access to networking services on home computers and poorly secured commercial networks is the root cause behind a lot of the problems that exist on the Internet today - worms, virus, trojans, etc. Ports 139 and 445, *at a minimum*, should be closed (to the outside) on every network in the world. Are you really willing to demand your "freedom" in the face of the overwhelming odds that leaving those ports open will do more harm than good? Paul Schmehl (pauls () utdallas edu) Adjunct Information Security Officer The University of Texas at Dallas http://www.utdallas.edu/~pauls/ AVIEN Founding Member -----Original Message----- From: yossarian [mailto:yossarian () planet nl] Sent: Sunday, February 09, 2003 12:52 PM To: Steffen Dettmer; full-disclosure () lists netsys com Subject: Re: [Full-disclosure] SQL Slammer - lessons learned My question - must my ISP know all types of traffic legit to me, in order to service me? And change the rulesets if I update some software? Or should I apply this knowledge to set up a firewall that suits my own needs? My ISP can not setup a FW that suits me 100%, since it has other companies / customers with different needs on the same local loop. So even if my ISP were to block most of the dangerous traffic, I still would need a FW, since it cannot block all. And since an ISP must make profit, having them doing MY firewall be probably be a lot more expensive than if I do it myself. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- RE: SQL Slammer - lessons learned, (continued)
- RE: SQL Slammer - lessons learned John . Airey (Feb 05)
- RE: SQL Slammer - lessons learned Cushing, David (Feb 05)
- RE: SQL Slammer - lessons learned Paul Schmehl (Feb 05)
- RE: SQL Slammer - lessons learned John . Airey (Feb 06)
- RE: SQL Slammer - lessons learned Paul Schmehl (Feb 06)
- RE: SQL Slammer - lessons learned Ron DuFresne (Feb 06)
- RE: SQL Slammer - lessons learned Paul Schmehl (Feb 06)
- RE: SQL Slammer - lessons learned John . Airey (Feb 07)
- Re: SQL Slammer - lessons learned Niels Bakker (Feb 07)
- Re: SQL Slammer - lessons learned David Howe (Feb 07)
- Re: SQL Slammer - lessons learned Niels Bakker (Feb 07)
- Re: SQL Slammer - lessons learned David Howe (Feb 07)
- RE: SQL Slammer - lessons learned Schmehl, Paul L (Feb 09)
- Re: SQL Slammer - lessons learned Helmut Springer (Feb 09)
- Re: SQL Slammer - lessons learned Georgi Guninski (Feb 09)
- Re: SQL Slammer - lessons learned yossarian (Feb 09)
- RE: SQL Slammer - lessons learned Steve Wray (Feb 09)
- RE: SQL Slammer - lessons learned Schmehl, Paul L (Feb 09)
- Re: SQL Slammer - lessons learned Helmut Springer (Feb 09)
- RE: SQL Slammer - lessons learned Steve Wray (Feb 09)
- Re: SQL Slammer - lessons learned Helmut Springer (Feb 09)
- RE: SQL Slammer - lessons learned John . Airey (Feb 10)
- RE: SQL Slammer - lessons learned John . Airey (Feb 10)
- Re: SQL Slammer - lessons learned David Howe (Feb 10)
(Thread continues...)