Patched routers and switches blocking WINS service

Cisco recommended that I patch my routers and switches IOS by blocking Blaster and Nachi ports 135, 139, even 69

and ICMP. But doesn't Microsoft's WINS service use some of these ports? My users now cannot see their domains, and I have a feeling it's because I'm blocking ports that they need, including some applications. What should I do?

Yes, I agree the Cisco recommendation is bad. And yes, you will block critical Windows ports that will not allow any Windows type of connections. I believe this was a first step by Cisco to stop the spread of malicious code. Now I think there is an IOS patch that will fix the problem within the router and switches, so you don't need to block them.

Furthermore, I think Cisco was making a general statement for fast fix so they could then update the IOS.

For more info on this topic, please visit these SearchSecurity.com resources:
  • Virus update: Blaster
  • Virus update: Sobig-F & Nachi

  • This was first published in September 2003

    Dig deeper on Network Firewalls, Routers and Switches



    Enjoy the benefits of Pro+ membership, learn more and join.

    Have a question for an expert?

    Please add a title for your question

    Get answers from a TechTarget expert on whatever's puzzling you.

    You will be able to add details on the next page.



    Forgot Password?

    No problem! Submit your e-mail address below. We'll send you an email containing your password.

    Your password has been sent to: