
Re: DIRECT LINK: Windows XP SP3 WanaCry/WanaCrypt patch

From Paul <nospam@needed.invalid>
Newsgroups alt.comp.os.windows-xp, alt.os.windows-xp, microsoft.public.windowsxp.general
Subject Re: DIRECT LINK: Windows XP SP3 WanaCry/WanaCrypt patch
Date 2017-05-14 14:41 -0400
Organization A noiseless patient Spider
Message-ID <ofa87e$ef9$1@dont-email.me> (permalink)
References <EDHRA.55459$oF6.17013@fx26.iad> <enq0nbF8vf8U1@mid.individual.net> <trFrYOGzZDGZFw5a@soft255.demon.co.uk>

Cross-posted to 3 groups.



J. P. Gilliver (John) wrote:
> In message <enq0nbF8vf8U1@mid.individual.net>, VanguardLH <V@nguard.LH>
> writes:
> []
>> "Consider adding a rule on your router or firewall to block incoming SMB
>> traffic on port 445"
>>
>> Who has a router (separately or in a modem/router combo from their ISP)
>> that doesn't have a simple stateful firewall that blocks unsolicited
>> inbound connect attempts?
> 
> I don't know if my modem/router combo has this - it probably does - but
> I thought I'd add such a rule to my firewall anyway. But my firewall
> doesn't seem to list "SMB" among the protocols I can select - it offers
> the following choice:
>         Any
>         TCP
>         UDP
>         UCP and UDP
>         ICMP
>         Other
> Only the TCP and UDP ones let me specify a port. Other produces a box,
> but I get an error beep if I try to type SMB into it - I _think_ I can
> only type numbers into that.
> (Firewall is KPF 2.1.5 FWIW.)

They could be listed by port number.

https://serverfault.com/questions/346196/tcp-ip-ports-necessary-for-cifs-smb-operation

137/UDP, 138/UDP, 139/TCP and 445/TCP

http://www.icir.org/gregor/tools/ms-smb-protocols.html

And it's possible that printing or other ancient nameserving
dependencies could be affected by your exuberance.

Yes, I've been thinking about blocking these too, as an
alternative implementation. One thing I don't know is
if my "router" right now has an interface to upload a
rule set. I'd rather block something at the router than
modify every OS I've got for this. Since these machines
would be on the switch side of my home router, the rules
probably don't apply to them anyway. (Only to WAN side,
which has IPv4 NAT for 445 protection.)

I'm just afraid of blowback, if I mess with things too much.

And if I do it this way, it looks like I'm going to have
to test all the OS combinations, anyway. Grrr.

https://www.askwoody.com/2017/how-to-make-sure-you-wont-get-hit-by-wannacrywannacrypt/

Mayayana already suggested disabling some service,
and maybe that's a better way. At least with the service
disabled, you know file sharing is never going to work again.

Lots of *really great* choices.

    Paul
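
An added example, not part of the original post: one way to check each machine for the four ports listed above is to parse the output of `netstat -an` and report which of them still have a bound socket. The function names and the sample output are constructed for illustration.

```python
import re

# Ports quoted in the post: 137/UDP, 138/UDP, 139/TCP and 445/TCP.
SMB_PORTS = {("UDP", 137), ("UDP", 138), ("TCP", 139), ("TCP", 445)}

# Constructed sample of Windows `netstat -an` output (not from a real machine).
SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING
  TCP    192.168.1.20:139       0.0.0.0:0              LISTENING
  TCP    192.168.1.20:1045      192.168.1.1:80         ESTABLISHED
  UDP    0.0.0.0:445            *:*
  UDP    192.168.1.20:137       *:*
  UDP    192.168.1.20:138       *:*
  UDP    127.0.0.1:1900         *:*
"""

# Proto, local address:port, foreign address, optional state (TCP only).
ROW = re.compile(r"^\s*(TCP|UDP)\s+(\S+):(\d+)\s+(\S+)(?:\s+(\S+))?\s*$")

def smb_listeners(netstat_text):
    """Return sorted (proto, port, local_addr) for open SMB/NetBIOS sockets."""
    found = set()
    for line in netstat_text.splitlines():
        m = ROW.match(line)
        if not m:
            continue  # headers and blank lines
        proto, addr, port, _foreign, state = m.groups()
        # TCP rows count only when LISTENING; UDP rows have no state column.
        if proto == "TCP" and state != "LISTENING":
            continue
        # Match on protocol and port together: 445/UDP is not in the list.
        if (proto, int(port)) in SMB_PORTS:
            found.add((proto, int(port), addr))
    return sorted(found)

def still_open(netstat_text):
    """Ports from the list that still have a bound socket, as 'port/PROTO'."""
    return sorted({f"{port}/{proto}" for proto, port, _ in smb_listeners(netstat_text)})

if __name__ == "__main__":
    for proto, port, addr in smb_listeners(SAMPLE):
        print(f"{port}/{proto} bound on {addr}")
```

A packet-filter rule does not remove these listeners from `netstat`; the list only empties when the service behind them is turned off.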
