[rescue] firewalling windoze crap
Curtis H. Wilbar Jr.
rescue at hawkmountain.net
Sat Aug 16 16:49:55 CDT 2003
My "default" firealling method is to use a statefull firewall and
only allow responses to come back in. Then as I need to depending on
the application I open up ports from the outside world.... that is
more secure than blocking this, blocking that, etc... as most people
need very little to come through (as a connection innitiator.. and
at least from a home user perspective).
-- Curt
>Date: Sat, 16 Aug 2003 16:02:55 -0400
>From: Phil Stracchino <alaric at caerllewys.net>
>To: rescue at sunhelp.org
>Subject: Re: [rescue] firewalling windoze crap
>Mail-Followup-To: rescue at sunhelp.org
>X-ICBM: 35.6880N 77.4375W
>X-PGP-Fingerprint: 2105 C6FC 945D 2A7A 0738 9BB8 D037 CE8E EFA1 3249
>X-PGP-Key-FTP-URL: ftp://ftp.babcom.com/pub/pgpkeys/alaric.asc
>X-PGP-Key-HTTP-URL: http://www.babcom.com/alaric/pgp.html
>X-UCE-Policy: No unsolicited commercial email is accepted at this site. All
senders of UCE will be immediately and permanently blocked.
>User-Agent: Mutt/1.5.4i
>
>On Sat, Aug 16, 2003 at 03:31:02PM -0400, Dave McGuire wrote:
>> Hey folks. I have a neighbor connecting through my network. He's
>> running Windoze.
>>
>> What ports do I need to block on my firewall to protect him from this
>> latest bullshit? And what ports in general should I block to help
>> protect his machine?
>
>W32/Blaster (aka DCOM-RPC) attacks via port 135. I also block 7-19,
>37-43, 57-77, 111, 137-139, 161-191, 199-442, 444-515, 520-1023,
>1433-1434, 4444, and 32770-32779. Of these, the key ones for protecting
>Windows boxen are 137-139, 444-515, 1433-1434, 4444, and 32770-32779
>iirc.
>
>
>--
> .********* Fight Back! It may not be just YOUR life at risk. *********.
> : phil stracchino : unix ronin : renaissance man : mystic zen biker geek :
> : alaric at caerllewys.net : alaric-ruthven at earthlink.net : phil at latt.net :
> : 2000 CBR929RR, 1991 VFR750F3 (foully murdered), 1986 VF500F (sold) :
> : Linux Now! ...Because friends don't let friends use Microsoft. :
>_______________________________________________
>rescue list - http://www.sunhelp.org/mailman/listinfo/rescue
Curtis Wilbar
Hawk Mountain Networks
rescue at hawkmountain.net
My e-mail is protected against viruses and spam by MailGuardian
http://www.mailguardian.net
Top notch protection at unbelievable prices
More information about the rescue
mailing list