[Dshield] DCOM morning after

John Groseclose iain at caradoc.org
Tue Aug 12 23:22:58 GMT 2003


* John Hardin <johnh at aproposretail.com> [030812 15:48]:
> On Tue, 2003-08-12 at 10:16, Darren Gasser wrote:
> > However, a properly configured VPN generally
> > wouldn't let ports 135 and 4444 through to the internal network
> 
> Crippling Windows Networking reduces the utility of a telecommuter VPN
> supporting Windows users. And blocking ports above 1024 will lead to
> random connection failures and a perceived degradation of the
> reliability of the network.
> 
> Port blocks aren't a panacea.

Beg pardon? Every telecommuting VPN I've worked with does port-forwarding to get around exactly this issue.

So how does port-blocking on 135 cripple telecommuters? 




More information about the list mailing list