Search:  

 
theme to black backgroundlet page decide theme
HomeFind ServiceReviewsISP NewsFAQsForumsToolsDatabaseAbout 
 
   All ForumsHot TopicsGallery






how-to block ads


 
Forums » The Site » Old Forums » Kerio - Tiny Support » BZ Kerio 2x Default Replacement Update
Share Topic:
RSS topic:
toggle:
flat / full
normal / watch
Posting:
Links: ·Forum Guidelines ·Kerio/Tiny pre-3.x FAQ ·BBR Security Forum ·Security FAQ

gwion
wild colonial boy
Premium,ExMod 2001-08
join:2000-12-28
Pittsburgh, PA

Re: BZ Kerio 2x Default Replacement Update

Sure. Because it's provided for in the rules. That just automates by wizard the blocking of 137, 138, 139, etc. and makes it easy to add LAN allows in the private trust range. It could be used with the rules, too, as redundency, but it would be -less-, rather than more comprehensive, since the custom rules block 135, too, which wasn't considered imnportant by anybody (except me) until about two months ago when somebody actually did what I've been warning about for years, and exploited that wide open WinRPC endpoint map port...

It's a call... either use the preconfigured or make a rule. But if you use preconfigured, remember, you want to block the DCOM-RPC nonsense, that has no more business on the internet than NetBios traffic...
--
Every knot was once straight rope...
permalink · 2003-09-28 16:50:07 · Print ·

BlitzenZeus
Burnt Out Cynic
Premium,MVM
join:2000-01-13
Beaverton, OR
·Verizon FIOS
·Verizon Online DSL

Re: BZ Kerio 2x Default Replacement Update

Thanks Gwion, and your not the only one who was blocking 135

That feature tries to do two things, but the fact is, your rules can do a much better job, while controlling access to your shares in windows leaves you more secure overall.

I never saw the need for the addition of the tab at all, and it can possibly even make you more vulnerable now.
--
My hourly rates:
$25 per hour.
$35 per hour if you want to watch.
$45 per hour if you want to help.
$75 per hour if you tried to fix it, and failed.
permalink · 2003-09-28 18:51:43 · Print ·
Forums » The Site » Old Forums » Kerio - Tiny Support

Saturday, 05-Dec 22:59:20 Terms of Use | Privacy Policy | Hosting by www.nac.net - DSL,Hosting & Co-lo | feedback | contact
over 10 years online! © 1999-2009 dslreports.com.
page compression OFF
Most commented news this week
· [163] Comcast Releasing Promised Usage Meter
· [147] Avast Antivirus Has Gone Mad
· [128] Comcast Makes NBC Universal Acquisition Official
· [122] The Bandwidth Hog Does Not Exist
· [105] Graduate Student Unveils Sprint's GPS Sharing With Feds
· [101] Google Invades ISP, OpenDNS Turf With Google Public DNS
· [85] FCC Ponders Moving From PSTN To IP Voice
· [82] Latest Consumer Reports Survey Not Kind To AT&T
· [80] New Bill Aims To Limit ETFs
· [75] Sprint Defuses GPS Privacy Media Bomb
Most people now reading
· Wife might have to work in.... Iowa for a few months!!! [General Questions]
· False positive in Avast! or is it real? [Security]
· ToC 4th boss - Preliminary Strategy for Twin Valkyr [World of Warcraft]
· 3.x Feral Druid - Bear Tanking Guide [World of Warcraft]
· Connecting to Google Voice Via SIP [VOIP Tech Chat]
· Windows 7 boot manager editing questions [Microsoft Help]
· [Newsgroups] Newzleech down? [Filesharing Software]
· [How to] Install Asterisk on an Asus WL-520GU router [VOIP Tech Chat]
· Using AirMax to provide triple play services? [Wireless Service Providers]
· RG Firmware update to VDSL2 this morning [AT&T U-verse]