[unisog] Windows Update

Peter Van Epp vanepp at sfu.ca
Thu Aug 14 15:24:25 GMT 2003

On Wed, Aug 13, 2003 at 10:14:02PM -0500, E. Larry Lidz wrote:
> The second concern is the infected machines on our network that might
> be contributing to the DoS. We've pretty much eliminated the worm from
> our campus proper, but it runs rampant in our modem pool (we're
> blocking appropriate ports in both directions to prevent it from
> infecting others) and we have occasional new infections. Regardless,
> we're going to be sending some packets Microsoft's way no matter what.

	Do we know what port or ports the DOS is going to use? I'd be tempted
to block them towards MS at the border. While that may take out Windows 
Update locally (we have a local copy of the blaster patch and little sympathy
for those that didn't patch when asked to) it should at least keep us from
adding to the din. Although I'm down to whacking one or 2 infected machines
a day at this point and quite willing and able to whack anyone attempting 
to DOS MS (even though they probably deserve it) and thats the fallback plan.

Peter Van Epp / Operations and Technical Support 
Simon Fraser University, Burnaby, B.C. Canada

More information about the unisog mailing list