-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 who is this "nutbar" who thinks they are totoally secure? I'd like to know so that I can avoid meeting him unless I have reason to. totally secure = power supply isolated, non-networked machine behind 2 layers of steel doors and lots of guards. anything else is debatable. Technomage On Saturday 15 March 2003 03:17 am, Entelin wrote: > I have a client I am trying to convince to install a firewall, (eather > iptables or preferably cisco PIX). They have practicly every service > under the sun open, the only reason their tcp netbios ports are closed > is because cox filters them. The only reason I am having to convince > them of anything is because they have another linux tech working for > them and he is somehow convinced that they are completely secure "at the > deamon level" wrote a big email to my client saying they dident need to > install a firewall, or even close totaly unused ports on their box! > (they even had echo and chargen open before I at least convinced them to > close those ie: forged packet between echo and chargen = storm). > nevermind the two root exploits their sendmail is at risk for. and the > password sniffing of their login,telnet etc.. god.. > > ANYWAY sorry for that rant. back on topic I was wondering if I could do > anything with these udp ports in absence of the filtered tcp netbios > ports. ? as in gain any kind of access or DoS. > > 137/udp open netbios-ns > 138/udp open netbios-dgm > 139/udp open netbios-ssn > > Thanks :) > > --------------------------------------------------- > PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us > To subscribe, unsubscribe, or to change you mail settings: > http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss - -- I will not be pushed, filed, stamped, indexed, briefed, debriefed, or numbered! My life is my own - No. 6 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (GNU/Linux) iD8DBQE+cwhOn/usgigAaLcRAs79AJ9Tty91a3ZorlD3pgKL9dBRRJSSzACeKW4U 6v2lRe90Uh6uuJYQKty5ihg= =hUiC -----END PGP SIGNATURE-----