RE: No problem with Exchange RPC and RPC patch
- From: Chad Roush <croush@xxxxxxxxxxx>
- To: "'[ISAserver.org Discussion List]'" <isalist@xxxxxxxxxxxxx>
- Date: Mon, 18 Aug 2003 11:02:56 -0500
Cox Communications is also following this trend.
http://support.cox.net/custsup/safety/port_135.shtml
<http://support.cox.net/custsup/safety/port_135.shtml>
Chad Roush
-----Original Message-----
From: John Tolmachoff (Lists) [mailto:johnlist@xxxxxxxxxxxxxxxxxxx]
Sent: Monday, August 18, 2003 10:22 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: No problem with Exchange RPC and RPC patch
http://www.ISAserver.org
Actually, I have no problem with an ISP block residential users of that port
for say, 3-5 days. But, at the same time, they should put up a notice, AND,
have an easy way for their users to get the patch and the fixes quickly.
Example, I have helped 2 friends by burning the patch onto a CD along with
the Symantec clean program and updated virus definitions because they could
not get online long enough to download.
John Tolmachoff MCSE CSSA
Engineer/Consultant
eServices For You
www.eservicesforyou.com
-----Original Message-----
From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxxxxxxxxx]
Sent: Monday, August 18, 2003 8:12 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: No problem with Exchange RPC and RPC patch
http://www.ISAserver.org
Hi Jeff,
Yes, I'm painfully aware of this situation. Its a very sad state of affairs.
I wonder what going to happen when the dirtbags figure out how to tunnel
these exploits using TCP 80, 443 and 25? They going to shut down those ports
too? IMHO, they're very ill advised by blocking TCP 135.
Thanks for the update!
Tom
Thomas W Shinder
<http://www.isaserver.org/shinder> www.isaserver.org/shinder
ISA Server and Beyond: http://tinyurl.com/1jq1 <http://tinyurl.com/1jq1>
Configuring ISA Server: <http://tinyurl.com/1llp> http://tinyurl.com/1llp
-----Original Message-----
From: Jeff Sloan [mailto:jsloan@xxxxxxxxxxxx]
Sent: Monday, August 18, 2003 10:02 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: No problem with Exchange RPC and RPC patch
http://www.ISAserver.org
I learned late Fri night that Earthlink IS BLOCKING PORT 135.
After several calls to Earthlink direct and to some of their actual router
guys that service the dial up locations, they all assured me that they were
not blocking ports, or at least were not aware of it.
Then after a long conversation with a supervisor of their satellite
division, the supervisor admitted they WERE blocking port 135.
The reason makes sense, but it still kills businesses using Exchange over
the internet.
He said customers could not get the update because their machines would keep
locking up or rebooting, so temporarily they are blocking the port until the
attacks die down and users have a chance to update.
Also, a check on the MS Exchange bulletin boards confirms that other ISPs
are blocking it as well, and the only way around it is to set up VPNs to
tunnel through in order for Exchange to work.
My problem with that is that my salesmen connecting on sorry hotel phone
systems and satellite connections have ping rates that are way to slow and
on average at least half of the pings to anywhere fail.
So we are not able to VPN either.
Now, even if Earthlink stops blocking 135, others may not, and the ISP
industry outsources, or resells their equipment to others, so some little
'po dunk' ISP that continues to block 135 could adversely affect
connectivity should their routers happen to be in the path between my users
and my network here.
As far as other ISPs we could use, we are a small town that has only one
choice for internet service, and that is Earthlink, and it just so happens
that their equipment is in my office.
Anyway, thought some of you might like to know what may be going on.
Jeff Sloan
Network Administrator
Cross Oil Refining & Marketing, Inc.
484 E. 6th St.
Smackover, AR 71762
Phone 870-864-8688
Fax 870-864-8689
Cell 870-866-9941
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
johnlist@xxxxxxxxxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
croush@xxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')
Other related posts:
