Re: [fw-wiz] RE: Help w/ Port 137 Traffic

• Previous message: Frank Knobbe: "RE: [fw-wiz] RE: Help w/ Port 137 Traffic"
• In reply to: R. DuFresne: "Re: [fw-wiz] RE: Help w/ Port 137 Traffic"
• Next in thread: R. DuFresne: "Re: [fw-wiz] RE: Help w/ Port 137 Traffic"
• Next in thread: Luca Berra: "Re: [fw-wiz] RE: Help w/ Port 137 Traffic"
• Reply: R. DuFresne: "Re: [fw-wiz] RE: Help w/ Port 137 Traffic"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 13/10/02 14:40 -0400, R. DuFresne wrote:
> depending upon the kinda of windows OS' behind your firewall, you might
> wish to add 135-139, tc and udp, as well as 445, and 1433,1434.  Of course
> 1080 1090 1900 5000 might not hurt to be blocked either, depending upon
> services running on those systems.  IM fileshareing ports might well be blocked as well, at
> the least, 4443 1503 3574 5010 6891 7320.  And of course, this is not an
> exhaustive list.  
Wouldn't the Right Thing(tm) be to block everything and then allow only
what traffic is supposed to go out?
Not logging 137/udp is a good idea because it fills up the logs and does
not add any significant information to them.

Devdas Bhagat
_______________________________________________
firewall-wizards mailing list
firewall-wizardsat_private
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

• Next message: Luca Berra: "Re: [fw-wiz] RE: Help w/ Port 137 Traffic"
• Previous message: Frank Knobbe: "RE: [fw-wiz] RE: Help w/ Port 137 Traffic"
• In reply to: R. DuFresne: "Re: [fw-wiz] RE: Help w/ Port 137 Traffic"
• Next in thread: R. DuFresne: "Re: [fw-wiz] RE: Help w/ Port 137 Traffic"
• Next in thread: Luca Berra: "Re: [fw-wiz] RE: Help w/ Port 137 Traffic"
• Reply: R. DuFresne: "Re: [fw-wiz] RE: Help w/ Port 137 Traffic"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Mon Oct 14 2002 - 05:28:29 PDT