Re: 4000 to 5000 TCP hits in my Firewall log??
- From: Jeff B <jbeard_No-SpAm_1185@xxxxxxxxxxxx>
- Date: Fri, 11 Aug 2006 09:12:07 -0700
pdarrah@xxxxxxxxx wrote:
Jeff B wrote:ports 135-139 + 445 are specific ports used by MS.
add a rule,
allow tcp/udp $your-lan-address/24 ports 135-139,445 ignore, nolog
eg: 139/445 are use for file/print sharing
Jeff B (remove the No-Spam to reply)
Hi Jeff - Does this mean that I shouldn't be concerned about this?
this is normal for MS, *BUT* you must enforce the access to
only your lan segment(s). ALL perimeter access *MUST* be denied!
> The
other computer isn't trying to "attack" this one? Why would this only
be occuring on one machine on the network.
see http://www.iss.net/security_center/advice/Exploits/Ports/135/
--
---
Jeff B (remove the No-Spam to reply)
.
- Follow-Ups:
- Re: 4000 to 5000 TCP hits in my Firewall log??
- From: Jeff B
- Re: 4000 to 5000 TCP hits in my Firewall log??
- References:
- Re: 4000 to 5000 TCP hits in my Firewall log??
- From: Jeff B
- Re: 4000 to 5000 TCP hits in my Firewall log??
- From: pdarrah
- Re: 4000 to 5000 TCP hits in my Firewall log??
- Prev by Date: Re: 4000 to 5000 TCP hits in my Firewall log??
- Next by Date: Re: 4000 to 5000 TCP hits in my Firewall log??
- Previous by thread: Re: 4000 to 5000 TCP hits in my Firewall log??
- Next by thread: Re: 4000 to 5000 TCP hits in my Firewall log??
- Index(es):
Relevant Pages
|
