-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Why would you have that port open any way on your firewall. A firewall should be explicit deny all unless there is a need to have that port open. I don't know many people that have port 4444 open for any reason. I can say that because I deal with many large companies firewalls.
Not only should you have 4444 blocked you should have a NetBIOS block rule that is a deny all without logging (cause it will fill the log files fast if you did do logging.) - -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Monday, August 11, 2003 10:57 PM To: [EMAIL PROTECTED] Subject: Blocking port 4444 for W32.Blaster.Worm Hi all, I have just been reading up on the Blaster Worm, and Symantec suggest blocking TCP port 4444 at the firewall level; I was wondering if anyone has implemented this yet and if so, if they have any feedback on the results regarding performance, risks etc. Thanks in advance Steven Paice - ---------------------------------------------------------------------- - ----- - ---------------------------------------------------------------------- - ------ -----BEGIN PGP SIGNATURE----- Version: PGPfreeware 6.5.8 for non-commercial use <http://www.pgp.com> iQA/AwUBPzk4p3AnVb+gRdsVEQJemwCgtK+9kR5BcMiKN7Kn7ThmabZ/WAgAoJ8j NkYW182RebTFiQ6OwkZxX1B0 =dG7W -----END PGP SIGNATURE----- --------------------------------------------------------------------------- ----------------------------------------------------------------------------