Re: [Full-Disclosure] Cox is blocking port 135 - off topic

From: Joey (joey2cool_at_yahoo.com)
Date: 08/11/03

  • Next message: Lorenzo Hernandez Garcia-Hierro: "[Full-Disclosure] phpWebSite SQL Injection & DoS & XSS Vulnerabilities" 
    To: full-disclosure@lists.netsys.com
Date: Sun, 10 Aug 2003 15:21:59 -0700 (PDT)

    cox does block port 445 also, but i havent seen any
    exploits that use that port. even though its said that
    port 445 is vulnerable, where is the POC?

    --- Kurt Seifried <listuser@seifried.org> wrote:
    > Off topic:
    >
    > This won't help much at all. Windows 2000/XP run
    > Microsoft SMB over TCP on
    > 445 as well (reduced overhead then 135/etc, no
    > NetBIOS layer). When a client
    > tries to connect to a remote host for file/print
    > sharing/etc it connects on
    > both ports 135 and 445, if a response is recieved
    > from port 445 it drops the
    > connection to 135. THe attack works quite well
    > against client systems using
    > port 445. If Cox blocks both ports 135 and 445 that
    > will be semi-effective
    > (except of course for internal users who spread a
    > worm/etc, such as laptops
    > that move around). THis may block a few of the more
    > stupid attacks but not
    > for long.
    >
    > Kurt Seifried, kurt@seifried.org
    > A15B BEE5 B391 B9AD B0EF
    > AEB0 AD63 0B4E AD56 E574
    > http://seifried.org/security/
    >

    __________________________________
    Do you Yahoo!?
    Yahoo! SiteBuilder - Free, easy-to-use web site design software
    http://sitebuilder.yahoo.com
    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.netsys.com/full-disclosure-charter.html

  • Next message: Lorenzo Hernandez Garcia-Hierro: "[Full-Disclosure] phpWebSite SQL Injection & DoS & XSS Vulnerabilities"

    Relevant Pages

    • Re: Cant Access My Personal IIS Web Server
      ... The most common reason for this is that your ISP has started to block port ... It is of course also possible that you block port 80. ... Good Luck! ... > web site from ourside my home network? ...
      (microsoft.public.inetserver.iis)
    • Re: [SLE] Redirect connection to another IP Address
      ... >>I'm going to add my voice to everyone who says just block port 25! ... so you don't need to allow port 25 from the outside world. ... Una prensa libre es el gran enemigo de los dictadores. ... Independientemente de sus abusos, sus debilidades, sus errores. ...
      (SuSE)
    • Re: SBC DSL blocks port 80?
      ... SBC DSL does not block port 80. ... This is confirmed just a moment ago, I removed my Linksys WRT54G router ... SBC does not block port 80. ...
      (comp.dcom.xdsl)
    • Re: No inbound email from external domains -- please help!
      ... inbound/outbound, yes, but only for mail going externally... ... using SMTP connector to smtp.comcast.net...will verify they didn't block port 25 ... Telnet to port 25 from inside the LAN to ensure it is responding. ... All of a sudden, no external email is being received, and outbound mail is queuing. ...
      (microsoft.public.windows.server.sbs)
    • Re: Different SSH server settings for alias IP
      ... I found it to be less of a PITA to block port 22 on the interface I do not ... , two config files, explicitly define which IPs ...
      (comp.unix.bsd.freebsd.misc)