Re: Shame on Microsoft

From: BitsNotBytes (bitsnotbytes_at_yahoo.com)
Date: 08/21/03


Date: 21 Aug 2003 14:19:20 -0700


I'm not even going to waste my time rereading the original advisory.
All I remember is the port numbers and patch install. There was no
mentioned too disable the port which would have clued me to ask the
question how instead of complain after the fact. The mention of ICF
for XP came later when people were infected before the patch was
installed. I'm not into conspiracies but obviously the patch solved
other unmentioned problems besides the RPC port buffer overflow
possibility which would have been apparent even if the port was
disabled.

BitsNotBytes

"Karl Levinson [x y], mvp" <levinson_k@despammed.com> wrote in message news:<O8n#z0$ZDHA.736@TK2MSFTNGP09.phx.gbl>...
> It is not entirely clear in the article, but the mention of the IP filtering
> on the Blaster worm is meant to be TEMPORARY to allow you to download the
> patch. It is not meant to be the first line of defence against the worm.
>
> I saw the draft of the Blaster advisory and know that it too mentioned
> installing a firewall. You want to install a firewall really, because IP
> filtering using the IPSec or TCP/IP Filtering features in Windows is NOT a
> firewall replacement.
>
>
> > "BitsNotBytes" <bitsnotbytes@yahoo.com> wrote in message
> > news:946bf591.0308190603.dba5e91@posting.google.com...
> > > I wished MS would have said something about this alternative in their
> > > security bulletin a month ago. I drilled down and found the port
> > > enable/disable setting which is your first line of protection if you
> > > don't use a firewall or couldn't install the patch.
> > >
> > > Thanks,
> > > BitsNotBytes
> > >
> > > "Ed Crowley" <curspice@pacbell.net> wrote in message
> news:<#9fJ3KZZDHA.2404@TK2MSFTNGP10.phx.gbl>...
> > > > "BitsNotBytes" <bitsnotbytes@yahoo.com> wrote in message
> > > > news:946bf591.0308150538.71571d7f@posting.google.com...
> > > > > You have to install a firewall to protect a listening port?
> > > >
> > > > Rubbish. Have you even looked at the advanced options for TCP/IP
> under
> > > > Windows?
> >