[unisog] anyone else seeing lots of popup spam/malware?

Jeff Kell jeff-kell at utc.edu
Wed Oct 26 17:05:16 GMT 2005


Peter Van Epp wrote:

> 	Blocking UDP inbound with a source port of 0 sounds to me like a good
> bet (I don't see anything else using it in a quick scan through the argus 
> logs).

Actually, unless you have a really compelling reason why you can't, you should block anything with a source or destination port < 20 (20 being active FTP data channel, and generally needed), tcp or udp.

Jeff



More information about the unisog mailing list