/* Disclaimer: This is not a commerical, just a knowledge quest */
At 09:25 PM 12/9/97 -0600, James Strompolis wrote:
>One thing I would do with an NT based firewall of any sort is put a router
>in front of it and filter out ports 135,137,138,139. Filter out both TCP
>and UDP to be sure. These are the MS RPC and NetBIOS ports. You could be
>subject to a DoS attack if these ports are left exposed. I imagine
>Checkpoint and/or Raptor took this into account when replacing the MS
>TCP/IP stack (does Raptor Eagle do this?) but I'm not positive of this.
AFAIK, Milkyway is the only FW company that *completely replaces* the NT
stack to date. The other FW's on NT use shims or patches to try and lock
down the NT stack. Someone from the other vendors please correct me if I'm
wrong, but I believe this to be correct.
>It can't hurt to filter these ports anyway.
>
>I'd be more inclined to black box it with a PIX or some other sort of
>firewall in your situation.
>
>- James Strompolis
> Aleph Consultants, Inc.
> jimst @
enteract .
com
>
>On Tuesday, December 09, 1997 8:14 AM, Niemann, Darrel
>[SMTP:EMAIL!BGII!NiemannD @
ballygam .
attmail .
com] wrote:
>>
>> Wow,
>>
S N I P !!
Steve Kruse
Milkyway Networks
***********************************************
* jsk347 @
sprynet .
com (Personal E-Mail) *
* skruse @
milkyway .
com (Company E-Mail) *
* http://www.milkyway.com *
***********************************************
References:
|
|
