[Dshield] Port 135

Jason Allen jallen at garden-city.org
Fri Oct 25 19:47:10 GMT 2002


I may be missing the point here, but it's not about the messenging
client...it's about assuming responsibility for what you allow to go in and
out on your network....if you are comfortable not using a firewall to
protect the folks on the inside, that's your judgement call, but when you
give 10 thousand students free reign to wreak whatever havok they may enjoy
on the rest of us, just so it is more 'convenient' for you, you are guilty
of gross negligence. It's really prettty simple. Spend the schools money and
tighten down the network. The easy road leads to disaster. I suppose it
would be fine to allow them all to trade software and music illegally
too....maybe we should call the recording industry and just ask for a better
way of recording music. 
 

-----Original Message-----
From: Roger [mailto:RShady at stny.rr.com]
Sent: Friday, October 25, 2002 11:58 AM
To: list at dshield.org
Subject: Re: [Dshield] Port 135


Let's clarify something.  There is Windows Messenger that the admin uses to
broadcast messages using his intranet.  You'll
see it in Windows 2000/XP by opening the Microsoft Management Console and
clicking on Services.  I believe what  the students are using is MSN
Messenger.

Jan Johansson wrote:


On Wed, Oct 16, 2002 at 10:17:05AM -0700, John Hardin wrote:

  

If they're accessing this through your firewall, your firewall is

misconfigured. I think that could be an effective argument against

liability.

    



What firewall? And where should I point it with 10 000 students.

Protect the Internet from me or me from the Internet. It is as

much harm on either side anyway which makes it useless.



  

135:139 SHOULD NOT be permitted in from or out to the Internet.

    



How should my students then be able to access their files from

home? Mapping shares over the Internet works and is easy to

use for the computer illiterate.



The problem lies in the messenger service. It should validate

messages using crypto and whatever means the administrator has

decided. (This may be possible but I 'Don't do Windows').



Instead of talking law call your Micrsoft support line and ask

for a better Messenger service.





_______________________________________________

Dshield mailing list

Dshield at dshield.org <mailto:Dshield at dshield.org> 

To change your subscription options (or unsubscribe), see:
http://www.dshield.org/mailman/listinfo/list
<http://www.dshield.org/mailman/listinfo/list> 



  


#####################################################################################
This e-mail message has been scanned for Viruses and Content and cleared by MailMarshal 
- For more information please visit www.nwtechusa.com
#####################################################################################
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.dshield.org/pipermail/list/attachments/20021025/9fc9abe6/attachment.htm


More information about the list mailing list