[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Security....

James Kosin wrote:


I've actually had to lock down most ports on my server; because, I got tired of all the attempts at attacks.
Everyone, please use a firewall. I've noticed many attacks to the following ports:
111 -- sunrpc ** this effects Linux machines
135 -- DCE Endpoint Resolution
137 -- netbios-ns
139 -- netbios-ssn
445 -- microsoft-ds ** these affects samba services as well.
1433 -- ms-sql-s
1434 -- ms-sql-m ** I don't know why SQL ports are being attacked.

  1023 -- ???
  5554 -- ???
  9898 -- ???  ** this group may be related to PCAnywhere, or Worm, etc.

The most active: port 445 by far!

Just giving everyone a heads-up on the security issues.
James Kosin


A visit to www.symantec.com (yes this is the web site for Norton/Symantec Antivirus) reveals that most of the attacks are directed at known vulnerabilities in Microsoft Windows and/or Internet Explorer. The 'hit' on 111 (sunrpc) usually reveals what operating system you are running. However, a good firewall will stop these probes. BTW, there is a well known and patched vulnerability in most Windows products with TCP Port 445.

James McKenzie

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]