Ask the Expert

Patched routers and switches blocking WINS service

Cisco recommended that I patch my routers and switches IOS by blocking Blaster and Nachi ports 135, 139, even 69 and ICMP. But doesn't Microsoft's WINS service use some of these ports? My users now cannot see their domains, and I have a feeling it's because I'm blocking ports that they need, including some applications. What should I do?

    Requires Free Membership to View

Yes, I agree the Cisco recommendation is bad. And yes, you will block critical Windows ports that will not allow any Windows type of connections. I believe this was a first step by Cisco to stop the spread of malicious code. Now I think there is an IOS patch that will fix the problem within the router and switches, so you don't need to block them.

Furthermore, I think Cisco was making a general statement for fast fix so they could then update the IOS.


For more info on this topic, please visit these SearchSecurity.com resources:
  • Virus update: Blaster
  • Virus update: Sobig-F & Nachi

  • This was first published in September 2003

    There are Comments. Add yours.

     
    TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

    REGISTER or login:

    Forgot Password?
    By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
    Sort by: OldestNewest

    Forgot Password?

    No problem! Submit your e-mail address below. We'll send you an email containing your password.

    Your password has been sent to: