[fw-wiz] Blocking MS Blaster
From: arnaud DUPUIS (arno.dupuis_at_wanadoo.fr)
Date: 08/14/03
- Previous message: Mike Hoskins: "[fw-wiz] re: NAT for a simple network"
- Next in thread: Dave Killion: "RE: [fw-wiz] Blocking MS Blaster"
- Maybe reply: Dave Killion: "RE: [fw-wiz] Blocking MS Blaster"
- Reply: Martin Peikert: "Re: [fw-wiz] Blocking MS Blaster"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: "fw-wizz" <firewall-wizards@honor.icsalabs.com> Date: Thu, 14 Aug 2003 18:37:50 +0200
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi list,
I would like to know how did you have try to block the MS Blaster worm ?
Personnaly I've had those line to my Netfilter's script :
echo "* Protection against MS Blaster"
${FW} -A inet-lan -p tcp -m multiport --dports 135,137,139,445,593,69,4444 -j
DROP
${FW} -A inet-lan -p udp -m multiport --dports 135,137,139,445,593,69,4444 -j
DROP
${FW} -A lan-inet -p tcp -m multiport --dports 135,137,139,445,593,69,4444 -j
DROP
${FW} -A lan-inet -p udp -m multiport --dports 135,137,139,445,593,69,4444 -j
DROP
My firewall is base on a Slackware Linux with grsecurity patch (kernel
2.4.20).
Have you a better solution ?
Greetz and regards
Arnaud
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
iD8DBQE/O7roNG3DWex93LoRAjCiAJ9Aj6gL+aoK4J+1gvVHzz+85MZn3ACfbQ/g
Zv5tifEWPRXdbelgz9gBokw=
=OgLX
-----END PGP SIGNATURE-----
_______________________________________________
firewall-wizards mailing list
firewall-wizards@honor.icsalabs.com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
- Previous message: Mike Hoskins: "[fw-wiz] re: NAT for a simple network"
- Next in thread: Dave Killion: "RE: [fw-wiz] Blocking MS Blaster"
- Maybe reply: Dave Killion: "RE: [fw-wiz] Blocking MS Blaster"
- Reply: Martin Peikert: "Re: [fw-wiz] Blocking MS Blaster"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
