Blocking Windows Networking at the Border?

Phil.Rodrigues at uconn.edu Phil.Rodrigues at uconn.edu
Thu Apr 18 18:04:46 GMT 2002


Hi,

The University of Connecticut experienced all the fun Windows hacks of the 
last few weeks that everyone else did ("Got Warez?" XDCC bots, 
W32Time/FluxaySensor Trojan/Password crackers, MIRC-DOS scripts), all 
pretty much as a result of allowing Windows Networking across our Internet 
link.  With 8,500 students and a few thousand staff computers on the 
network *someone* will have a weak share.

We have been considering blocking ports 135-139/445 at the routers for a 
few weeks now for privacy issues (the assumption that things shared on the 
"local network" are only accessible by other University computers) and 
after all of this we are considering it for security reasons as well.  We 
have never blocked anything before, and none of us really wants to start 
down this slippery slope, but user education about open shares and strong 
passwords only seems so effective.

What are other schools doing to combat these types of problems?  Are many 
of you blocking Windows Networking at the border?  Do those that choose 
not to block it have compelling reasons to keep it open, or do you leave 
it open because "it has always been that way"?

Thanks for your input, and shoot me a private reply if you prefer.

Phil

=======================================
Philip A. Rodrigues
Network Analyst, UITS
University of Connecticut

email: phil.rodrigues at uconn.edu
phone: 860.486.3743
fax: 860.486.6580
web: http://www.security.uconn.edu
=======================================



More information about the unisog mailing list