[rescue] firewalling windoze crap
Phil Stracchino
alaric at caerllewys.net
Sat Aug 16 15:02:55 CDT 2003
On Sat, Aug 16, 2003 at 03:31:02PM -0400, Dave McGuire wrote:
> Hey folks. I have a neighbor connecting through my network. He's
> running Windoze.
>
> What ports do I need to block on my firewall to protect him from this
> latest bullshit? And what ports in general should I block to help
> protect his machine?
W32/Blaster (aka DCOM-RPC) attacks via port 135. I also block 7-19,
37-43, 57-77, 111, 137-139, 161-191, 199-442, 444-515, 520-1023,
1433-1434, 4444, and 32770-32779. Of these, the key ones for protecting
Windows boxen are 137-139, 444-515, 1433-1434, 4444, and 32770-32779
iirc.
--
.********* Fight Back! It may not be just YOUR life at risk. *********.
: phil stracchino : unix ronin : renaissance man : mystic zen biker geek :
: alaric at caerllewys.net : alaric-ruthven at earthlink.net : phil at latt.net :
: 2000 CBR929RR, 1991 VFR750F3 (foully murdered), 1986 VF500F (sold) :
: Linux Now! ...Because friends don't let friends use Microsoft. :
More information about the rescue
mailing list