nanog mailing list archives
RE: Blocking port 135?
From: "Bob German" <bobgerman () irides com>
Date: Sat, 2 Aug 2003 10:18:27 -0400
None of the exceptions mentioned means you can't filter. We practice a policy of informed filtering. We filter by default, and if the customer requests unfiltered and understands the risks involved, we add an exception for their connection. By default, we filter all of the usual Windows ports, plus a few other known-sketchy ports and port combinations. -----Original Message----- From: Jason Slagle [mailto:raistlin () tacorp net] Sent: Saturday, August 02, 2003 10:12 AM To: Bruce Pinsky Cc: Bob German; nanog () merit edu Subject: Re: Blocking port 135? On Fri, 1 Aug 2003, Bruce Pinsky wrote:
And filtering 445 in the outbound direction to prevent attacks from the inside out is probably prudent as well.
Unfortunatly I've ran into at least 1 rather big example of a company using 445 for SSL since they wanted to put more then 1 cert on a machine. In this case it was a check clearing house, and a bank couldn't reach them because their ISP was filtering their T1. Jason -- Jason Slagle - CCNP - CCDP /"\ . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . \ / ASCII Ribbon Campaign . X - NO HTML/RTF in e-mail . / \ - NO Word docs in e-mail .
Current thread:
- Re: Blocking port 135?, (continued)
- Re: Blocking port 135? bmanning (Aug 01)
- Re: Blocking port 135? Richard Irving (Aug 01)
- Re: Blocking port 135? Sean Donelan (Aug 01)
- Re: Blocking port 135? Jack Bates (Aug 01)
- Re: Blocking port 135? Christopher L. Morrow (Aug 01)
- RE: Blocking port 135? Adi Linden (Aug 01)
- RE: Blocking port 135? Jason Robertson (Aug 01)
- Re: Blocking port 135? Bruce Pinsky (Aug 01)
- Re: Blocking port 135? Jason Slagle (Aug 02)
- RE: Blocking port 135? Bob German (Aug 02)
- Re: Blocking port 135? Justin Shore (Aug 03)
- Re: Blocking port 135? Jack Bates (Aug 02)
- Re: Blocking port 135? Mans Nilsson (Aug 02)
- Re: Blocking port 135? Sean Donelan (Aug 02)
- Re: Blocking port 135? Christopher L. Morrow (Aug 02)