RE: TCP 445 Scan?
From: Frank Knobbe (fknobbe@knobbeits.com)
Date: 03/04/03
- Previous message: Brian McWilliams: "Re: TCP 445 Scan?"
- In reply to: kyle@kylelai.com: "RE: TCP 445 Scan?"
- Next in thread: kyle@kylelai.com: "RE: TCP 445 Scan?"
- Reply: kyle@kylelai.com: "RE: TCP 445 Scan?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: Frank Knobbe <fknobbe@knobbeits.com> To: incidents@securityfocus.com Date: 04 Mar 2003 13:59:31 -0600
On Tue, 2003-03-04 at 10:18, kyle@kylelai.com wrote:
> [...]
> The only good defense is to block port 445 and port 139 ports on your
> firewall, and set strong passwords for every user on your network, including
> administrator accounts.
No offense Kyle, but this bad advice. I'm not lashing out at you, but
I'm starting to get really irritated when people recommend 'simply block
this port on your firewall'. If that is what you have to do, then you
have much bigger problems.
Firewalls should block ALL PORTS by default. Only allow in what you need
to allow in. Anything else should be blocked. And that should include
port 445 [1].
Here again:
B L O C K A L L B Y D E F A U L T ,
A L L O W O N L Y W H A T I S N E E D E D .
Print this out and stick it on your firewall management console :)
Regards,
Frank
[1] Unless you really need it for some weird reason. But that would make
all this a mute point anyway.
- application/pgp-signature attachment: This is a digitally signed message part
- Previous message: Brian McWilliams: "Re: TCP 445 Scan?"
- In reply to: kyle@kylelai.com: "RE: TCP 445 Scan?"
- Next in thread: kyle@kylelai.com: "RE: TCP 445 Scan?"
- Reply: kyle@kylelai.com: "RE: TCP 445 Scan?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
