[Dshield] Re: [Full-Disclosure] Port Blocking

Stephane Grobety security at admin.fulgan.com
Sun Jun 29 09:28:04 GMT 2003


BS> You say that like it takes some sort of awe-inspiring feat to increase the
BS> baseline security of a system. Running Windows Update a couple times,
BS> disabling NetBIOS over tcp/ip and Windows File and Print Sharing. These
BS> things should be REQUIRED to have your cable or DSL modem set up.

Then it would be impossible for unsophisticated users to have a
desktop computer and a laptop because they couldn't share printers or
files.

Windows update is a very good thing (I just hope it'd work better) but
if you're going to require netbios over IP to be disabled, why not
simply to it where it's easy to do, won't interfere with the user's
normal functions and where you can easily enforce it on all your
network: blocking it on the POP router ?

BS> It's up to the ISPs to be more responsive and responsible for the computers
BS> on their network. Reports like those coming from DShield should be acted on.
BS> You shouldn't have to pull teeth to get a misconfigured, infected, trojaned,
BS> spamming machine unplugged and fixed.

That's true, all very true.

BS> This is a case where it will require some actual work to do things the right
BS> way. Let's not take the easy way out and just block ports.

Let me ask the question once more: why ?

Good luck,
Stephane




More information about the list mailing list