Re: [nsp] WinNukes

From: RTS (rts@rdr.net)
Date: Sat Sep 05 1998 - 22:05:57 EDT


Besides the services file in the /etc directory, where can I find out what
all of the port numbers for all of the services are? What is recommended
to block, I assume anything you don't want people from the outside to get
access to??

Thanks for your help....

Randy
rts@rdr.net

At 09:27 PM 9/5/98 -0400, you wrote:
>We use the following to block incoming winnukes, tftp, imap, bootp, nfs,
>xwindows, chargen, echo, etc. We have others in this access list but due
>to security concerns we won't post them here (and to save bandwidth)
>
>
>access-list 111 deny udp any any eq 67
>access-list 111 deny udp any any eq 68
>access-list 111 deny tcp any any eq 135
>access-list 111 deny tcp any any eq 137
>access-list 111 deny tcp any any eq 139
>access-list 111 deny udp any any eq 135
>access-list 111 deny udp any any eq netbios-ns
>access-list 111 deny udp any any eq 139
>access-list 111 deny udp any any eq tftp
>access-list 111 deny tcp any any eq 143
>access-list 111 deny tcp any any eq 220
>access-list 111 deny tcp any any eq echo
>access-list 111 deny udp any any eq echo
>access-list 111 deny tcp any any eq discard
>access-list 111 deny udp any any eq discard
>access-list 111 deny tcp any any eq chargen
>access-list 111 deny udp any any eq 19
>access-list 111 deny tcp any any eq 2049
>access-list 111 deny udp any any eq 2049
>access-list 111 deny tcp any any eq 6000
>access-list 111 deny tcp any any eq 6001
>access-list 111 deny tcp any any eq 6002
>access-list 111 deny tcp any any eq 6003
>access-list 111 permit ip any any
>
>
>
>Then we apply:
>
>ip access-group 111 out
>
>to the ethernet port on the router.
>
>--
>Tom Mullaney <tpm@jovian.net> Jovian Networks, LLC
>nic: TM6112 Townsend, MA 01469-1182
>icq: 17378679 (888) 568-4261
>aim: tpmullaney http://www.jovian.net
>--
>Unix, networking, administration, consulting, programming, Internet services
>
>On Sat, 5 Sep 1998, RTS wrote:
>
>> Date: Sat, 05 Sep 1998 20:17:28 -0500
>> From: RTS <rts@rdr.net>
>> Reply-To: cisco-nsp@qual.net
>> To: cisco-nsp@qual.net
>> Subject: [nsp] WinNukes
>>
>> Yea.... we all hate them (WinNukes)
>>
>>
>> In a CISCO Router what is the easiest way to prevent them from hitting the
>> computers on a network??
>>
>> Randy
>> rts@rdr.net
>>
>>
>>
>
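
Added example, not part of the original thread or either poster's configuration: a small Python evaluator that resolves the IOS port keywords used in the quoted list to their numbers and applies the rules top-down, first match wins, with the implicit deny that ends every access list. The sample is a constructed subset of the quoted access-list 111, and the function names are hypothetical.

```python
import re

# IOS port keywords that appear in the quoted list, with their well-known numbers.
KEYWORDS = {"echo": 7, "discard": 9, "chargen": 19, "tftp": 69, "netbios-ns": 137}

# Constructed sample: a subset of the access-list 111 lines quoted above.
ACL_111 = """\
>access-list 111 deny udp any any eq 67
>access-list 111 deny tcp any any eq 139
>access-list 111 deny udp any any eq netbios-ns
>access-list 111 deny udp any any eq tftp
>access-list 111 deny tcp any any eq chargen
>access-list 111 deny tcp any any eq 6000
>access-list 111 permit ip any any
"""

# Only the "any any [eq port]" form used in the thread is handled (assumption).
RULE = re.compile(
    r"access-list\s+\d+\s+(permit|deny)\s+(ip|tcp|udp)\s+any\s+any(?:\s+eq\s+(\S+))?$")

def parse_acl(text):
    """Return [(action, proto, port-or-None)] in list order."""
    rules = []
    for raw in text.splitlines():
        line = raw.lstrip("> ").strip()  # tolerate mail-quote prefixes
        if not line:
            continue
        m = RULE.match(line)
        if m is None:
            raise ValueError(f"unsupported ACL line: {raw!r}")
        action, proto, port = m.groups()
        if port is not None:
            port = KEYWORDS[port] if port in KEYWORDS else int(port)
        rules.append((action, proto, port))
    return rules

def evaluate(rules, proto, dport):
    """First matching rule wins; an ACL ends with an implicit deny."""
    for action, rule_proto, rule_port in rules:
        if rule_proto in ("ip", proto) and rule_port in (None, dport):
            return action
    return "deny"

if __name__ == "__main__":
    rules = parse_acl(ACL_111)
    for proto, port in [("tcp", 139), ("udp", 137), ("udp", 69), ("tcp", 80)]:
        print(f"{proto}/{port}: {evaluate(rules, proto, port)}")
```

Moving the `permit ip any any` line to the top makes every later deny unreachable, and dropping it turns the list into deny-all.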



This archive was generated by hypermail 2b29 : Sun Aug 04 2002 - 04:13:18 EDT