Hi,
I occasionally see connect attempts coming from
random hosts on the internet to some of the web servers
I maintain to TCP port 524.
I understand this is used Novell as part of their
protocol stack.
Should I just block these at the border router and
forget about them the same as I do with udp/137 which
is a Windows PC trying to do a netbios name lookup ?
(is it the same thing - the default way a machine works
as opposed to an active exploit?)
Thanks for any advice.
- Randy
-
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
