Thanks for the reply Michael, my post was initially just a query, upon
further investigation I found that in fact our firewall already blocks
these ports as you suggested, I just have to implement the deny all without
logging.
"Michael
LaSalvia" To: <[EMAIL PROTECTED]>, <[EMAIL
PROTECTED]>
<[EMAIL PROTECTED] cc:
net> Subject: RE: Blocking port 4444 for
W32.Blaster.Worm
13/08/2003
02:57 AM
Please respond
to mike
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Why would you have that port open any way on your firewall. A
firewall should be explicit deny all unless there is a need to have
that port open. I don't know many people that have port 4444 open for
any reason. I can say that because I deal with many large companies
firewalls.
Not only should you have 4444 blocked you should have a NetBIOS block
rule that is a deny all without logging (cause it will fill the log
files fast if you did do logging.)
- -----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]
Sent: Monday, August 11, 2003 10:57 PM
To: [EMAIL PROTECTED]
Subject: Blocking port 4444 for W32.Blaster.Worm
Hi all,
I have just been reading up on the Blaster Worm, and Symantec suggest
blocking TCP port 4444 at the firewall level; I was wondering if
anyone has
implemented this yet and if so, if they have any feedback on the
results
regarding performance, risks etc.
Thanks in advance
Steven Paice
- ----------------------------------------------------------------------
- -----
- ----------------------------------------------------------------------
- ------
-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 6.5.8 for non-commercial use <http://www.pgp.com>
iQA/AwUBPzk4p3AnVb+gRdsVEQJemwCgtK+9kR5BcMiKN7Kn7ThmabZ/WAgAoJ8j
NkYW182RebTFiQ6OwkZxX1B0
=dG7W
-----END PGP SIGNATURE-----
---------------------------------------------------------------------------
----------------------------------------------------------------------------
