re: re: GCI filtering port 139?

From: KURT BRENDGARD <brendgard@yahoo.com>
Date: Tue Dec 28 2004 - 19:42:42 AKST

short answer: YES!!!!!!

long answer: YES!!!!!!! how important is that box to
you? you set it up with those ports open, it wont take
long till somebody figures out its there and starts in
on it(2 scripts, one to find, one to try owning). even
if its netbsd, it wont take them long to figure out
its not windows and fingerprint the box to see what it
is(another script). once they do that, they start
looking up what holes there are in it(posted on
various sites for all to read). those ports are some
of the most looked for on the net, simply because most
windows boxes listen on them, even if they are
hidden/closed/protected. and the tools to own boxes
are scripts free for the download. simply put, those
are among the last ports you want open to the
internet, on any system.

if you do do it, at least back the box up, youll need
it.

------------------------------

Date: Mon, 27 Dec 2004 17:11:55 -0900
From: Grant Stockly <grant@cmosxray.com>
Subject: re: GCI filtering port 139?

Its a netbsd box running samba with one share, one
user, and an
ipfilter
for one IP address. Do I really need more?

At 11:56 AM 12/26/2004 -0800, KURT BRENDGARD wrote:
>whats your ip addy ?? i could use some more storage
>for my files :>
>
>you should never ever ever open those ports to the
>internet, unless you WANT somebody to own you. the
>newer windows boxes can be set up to virtual private
>network with few(for windows) problems. i'm assuming
>you have a firewall of some kind, (if not, set one
up,
>better the script kiddies own your firewall and give
>you more time to protect your server. its one more
>layer of protection they have to go through) they are
>not that spendy now days. most of them now come with
>vpn built in as well. if you set up a linux firewall,
>you can set up one on that. if its a stationary box
>you are using to vpn in, you could set up vpn to vpn
>firewalls, but that allows the whole network to use
>your files as well.
>
>
>
>
>

                
__________________________________
Do you Yahoo!?
Take Yahoo! Mail with you! Get it on your mobile phone.
http://mobile.yahoo.com/maildemo
---------
To unsubscribe, send email to <aklug-request@aklug.org>
with 'unsubscribe' in the message body.
Received on Tue Dec 28 19:42:45 2004

This archive was generated by hypermail 2.1.8 : Tue Dec 28 2004 - 19:42:45 AKST