Cisco recommended that I patch my routers and switches IOS by blocking Blaster and Nachi ports 135, 139, even 69...
and ICMP. But doesn't Microsoft's WINS service use some of these ports? My users now cannot see their domains, and I have a feeling it's because I'm blocking ports that they need, including some applications. What should I do?
Yes, I agree the Cisco recommendation is bad. And yes, you will block critical Windows ports that will not allow any Windows type of connections. I believe this was a first step by Cisco to stop the spread of malicious code. Now I think there is an IOS patch that will fix the problem within the router and switches, so you don't need to block them.
Furthermore, I think Cisco was making a general statement for fast fix so they could then update the IOS.
For more info on this topic, please visit these SearchSecurity.com resources:
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.