[GTER] Ports 445, 135, 137...
MARLON BORBA
mborba at trf3.jus.br
Tue Jan 26 12:27:04 -02 2010
I endorse this proposal, and I am surprised that, although it is obvious, it is not widely implemented.
If this is done, trivial vulnerabilities of a certain operating system will be exploited far less.
Regards,
Marlon Borba, CISSP, APC DataCenter Associate
Judicial Technician · Information Security
IPv6 Evangelist · Moreq-Jus Evangelist
Local Incident Response Committee - CLRI
TRF 3 Região
(11) 3012-1581
--
Follow me on Twitter!
twitter.com/mborba
--
>>> Sergio Ferreira <sergio at wgo.com.br> 01/26/10 11:11 AM >>>
Dear all,
Wouldn't it be useful if providers started blocking these ports
to prevent the spread of viruses, trojans, etc.?
The services on these ports were designed for use on a LAN, not
on a WAN.
The volume of packets is enormous and consumes a lot of bandwidth,
hardware and staff resources.
I have been filtering these packets here for years and have never had a request to
open these ports.
Just one example from my filter; the volume is enormous:
Sérgio Ferreira
WGO Telecom
64 3411 3000
64 8119 1840
--
gter list https://eng.registro.br/mailman/listinfo/gter
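The kind of ipfw deny log the quoted message refers to can be reduced to a per-port count and a list of sources sweeping an address range. This is an added example, not part of the original thread: the log entries are constructed in the ipfw deny format with documentation addresses, and `summarize`, `LAN_PORTS` and the sweep threshold of 3 are assumptions.

```python
import re
from collections import Counter, defaultdict

# Ports named in the thread subject (services intended for LAN use).
LAN_PORTS = {135, 137, 445}

# One ipfw deny entry. \s+ also matches a newline, so an entry that a mail
# client wrapped after the source address is still parsed as one record.
ENTRY_RE = re.compile(
    r"ipfw:\s+(?P<rule>\d+)\s+Deny\s+(?P<proto>\w+)\s+"
    r"(?P<src>[\d.]+):(?P<sport>\d+)\s+(?P<dst>[\d.]+):(?P<dport>\d+)\s+in via"
)

def summarize(log_text, sweep_threshold=3):
    """Return (denies per LAN port, sweeping sources, denies on other ports)."""
    per_port = Counter()
    targets = defaultdict(set)  # (source, port) -> distinct destinations probed
    other = 0
    for m in ENTRY_RE.finditer(log_text):
        dport = int(m["dport"])
        if dport in LAN_PORTS:
            per_port[dport] += 1
            targets[(m["src"], dport)].add(m["dst"])
        else:
            other += 1  # denied by the rule, but not a LAN-service port
    # A source hitting many different hosts on one port is sweeping the range.
    sweepers = sorted(
        (src, port, len(dsts))
        for (src, port), dsts in targets.items()
        if len(dsts) >= sweep_threshold
    )
    return dict(per_port), sweepers, other

# Constructed sample using documentation address ranges; not from the post.
SAMPLE = """\
Jan 26 10:26:52 proxy kernel: ipfw: 2880 Deny TCP 198.51.100.7:2369 192.0.2.8:135 in via vlan6
Jan 26 10:26:52 proxy kernel: ipfw: 2880 Deny TCP 198.51.100.7:4461
192.0.2.9:135 in via vlan6
Jan 26 10:26:52 proxy kernel: ipfw: 2880 Deny TCP 198.51.100.7:4318 192.0.2.12:135 in via vlan6
Jan 26 10:26:52 proxy kernel: ipfw: 2880 Deny TCP 203.0.113.20:3691 192.0.2.106:445 in via vlan6
Jan 26 10:26:52 proxy kernel: ipfw: 2880 Deny TCP 203.0.113.21:3600 192.0.2.118:445 in via vlan6
Jan 26 10:26:52 proxy kernel: ipfw: 2880 Deny TCP 203.0.113.22:60816 192.0.2.107:24164 in via vlan6
"""

if __name__ == "__main__":
    ports, sweepers, other = summarize(SAMPLE)
    print("denies per port:", ports)
    print("sweeping sources (src, port, hosts):", sweepers)
    print("denies on other ports:", other)
```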