[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-Disclosure] Cox is blocking port 135

To: full-disclosure@lists.netsys.com
Subject: [Full-Disclosure] Cox is blocking port 135
From: Joey <joey2cool@yahoo.com>
Date: Sun, 10 Aug 2003 03:36:52 -0700 (PDT)

Port 135 Block Implementation

Recently, the US Department of Homeland Security
issued an advisory to Internet Service Providers,
including Cox Communications. It warns of a potential
network disruption due to a security loophole in the
Windows 2000, XP, NT, and 2003 operating systems. This
loophole may allow hackers unauthorized access to
computers on our Cox High Speed Internet network and
the Internet at large, using computer viruses or
worms. 

The government has called for the filtering of three
ports (ports 135, 137 and 445) to prevent hackers from
exploiting the security loopholes. A port is basically
a point of connection for a specific type of program.
For example, whenever a request is sent to display a
web page like www.cox.net, it is sent to port 80. Cox
currently filters (in both directions) two of the
ports identified in the advisory -- ports 137 and 445.
This prevents computers on the Internet from talking
to your computer on these ports. 

In the last week, the Cox Abuse department has seen a
significant increase in the number of computers on our
customer network that have been infected with viruses
and worms; we are therefore complying with the
Department of Homeland Security Advisory. The spread
of infection is due to a high number of users
operating exploitable versions of Microsoft Windows,
primarily XP and 2000 (i.e. unpatched machines). Cox
recommends that customers visit the Microsoft Windows
Update website frequently to insure they are updating
and protecting themselves from newly discovered
exploits. 

Cox anticipates the filter of port 135 will be
implemented in all markets by August 10th, 2003.

>From -http://support.cox.net/custsup/safety/port_135.shtml

__________________________________
Do you Yahoo!?
Yahoo! SiteBuilder - Free, easy-to-use web site design software
http://sitebuilder.yahoo.com
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Follow-Ups:
- [Full-Disclosure] Cox is blocking port 135 - off topic
  - From: "Kurt Seifried" <listuser@seifried.org>

Prev by Date: Re: [Full-Disclosure] RPC DCOM footprints - Symantec sucks?
Next by Date: Re: [Full-Disclosure] DCOM Worm/scanner/autorooter !!!
Prev by thread: [Full-Disclosure] [SECURITY] [DSA-361-2] New kdelibs-crypto packages fix multiple vulnerabilities
Next by thread: [Full-Disclosure] Cox is blocking port 135 - off topic
Index(es):
- Date
- Thread