From: by way of Micronet mailing list administrator (albrown_at_eecs.berkeley.edu)
Date: Tue Aug 05 2003 - 15:05:28 PDT
Exactly. In fact I'll go further than that and suggest that it will
make the problem worse, as people will have a tendency to think that
they are safe behind a firewall, stop patching their systems, and then
get clobbered by someone's laptop on the other side of campus which is
trying to eat everything in sight.
Lars Rohrbach wrote:
> Ross Dmochowski wrote:
>
>> On Thu, 2003-07-31 at 13:37, Jon Forrest wrote:
>>
>>>> Inbound ports 135 -139 (NetBIOS over TCPIP) should be blocked from
>>>> coming into campus as a whole.
>>>
>>>
>>> If this were done then I believe this would prevent
>>> people from mapping shares from campus computers
>>> on computers outside the campus boundary.
>>
>>
>>
>> Really, is this _such_ a burden? I do not think that the number of users
>> who _really_ NEEDED this kind of access is significant.
>> The number of machines exposed to such problems are VERY significant.
>
>
> Keep in mind that even if those ports *were* blocked at the border, we
> are all exposed to a VERY significant number of machines on *this* side
> of the border, not to mention laptops that are at times on both sides. A
> box on our side can be compromised in any number of ways, and then begin
> attacking with these windows exploits.
>
> IMO, with an attack vector as potentially rampant as this one, a
> firewall makes little difference.
>
>
-- ____________________________________________ alex brown computer user support group eecs, uc berkeley ------------------------------------------------------------------------ The following was automatically added to this message by the list server: For information about Micronet, including subscribing to or unsubscribing from its mailing list and finding out about upcoming meetings, please visit the Micronet Web site: <http://micronet.berkeley.edu/>.
This archive was generated by hypermail 2.1.5 : Tue Aug 05 2003 - 15:15:33 PDT