Re: I am REALLY Getting Tired of Probes on 445 and 135
From: Aussie Fred (fred_at_hotmail.com)
Date: 10/02/04
- Next message: walterbyrd: "Re: The very basics of security"
- Previous message: all mail refused: "Re: I am REALLY Getting Tired of Probes on 445 and 135"
- In reply to: Todd Knarr: "Re: I am REALLY Getting Tired of Probes on 445 and 135"
- Next in thread: Paul remove-the-nospam Day: "Re: I am REALLY Getting Tired of Probes on 445 and 135"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 01 Oct 2004 22:30:22 GMT
In <K377d.5131$Hz.1208@fed1read04> Todd Knarr wrote:
> In comp.security.misc <10lpo43hs897se7@news.supernews.com> Felix Tilley
> <ftilley@localhost.localdomain> wrote:
>> Microsoft: Fix your fucking shitware. (Will not happen)
>> ISPs: Fix your compromised users.
>
> I just set iptables to drop without logging all packets to or from
> the Windows networking ports at the WAN interface on my network (in
> the input, output and forwarding rules). There's never any reason
> for those ports to be in use outside my LAN, and there's so much
> traffic on them that it obscures the real attacks that might stand
> a snowball's chance of getting in.
I set them to drop without logging coming in for the same reason. But I log
packets going out as this can indicate a worm/virus or misconfiguration of
the internal network
- Next message: walterbyrd: "Re: The very basics of security"
- Previous message: all mail refused: "Re: I am REALLY Getting Tired of Probes on 445 and 135"
- In reply to: Todd Knarr: "Re: I am REALLY Getting Tired of Probes on 445 and 135"
- Next in thread: Paul remove-the-nospam Day: "Re: I am REALLY Getting Tired of Probes on 445 and 135"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
