[unisog] anyone else seeing lots of popup spam/malware?
jeff-kell at utc.edu
Wed Oct 26 17:05:16 GMT 2005
Peter Van Epp wrote:
> Blocking UDP inbound with a source port of 0 sounds to me like a good
> bet (I don't see anything else using it in a quick scan through the argus
Actually, unless you have a really compelling reason why you can't, you should block anything with a source or destination port < 20 (20 being active FTP data channel, and generally needed), tcp or udp.
More information about the unisog