cox does block port 445 also, but i havent seen any exploits that use that port. even though its said that port 445 is vulnerable, where is the POC?
--- Kurt Seifried <[EMAIL PROTECTED]> wrote: > Off topic: > > This won't help much at all. Windows 2000/XP run > Microsoft SMB over TCP on > 445 as well (reduced overhead then 135/etc, no > NetBIOS layer). When a client > tries to connect to a remote host for file/print > sharing/etc it connects on > both ports 135 and 445, if a response is recieved > from port 445 it drops the > connection to 135. THe attack works quite well > against client systems using > port 445. If Cox blocks both ports 135 and 445 that > will be semi-effective > (except of course for internal users who spread a > worm/etc, such as laptops > that move around). THis may block a few of the more > stupid attacks but not > for long. > > Kurt Seifried, [EMAIL PROTECTED] > A15B BEE5 B391 B9AD B0EF > AEB0 AD63 0B4E AD56 E574 > http://seifried.org/security/ > __________________________________ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
