It all depends on your setup. If you're trying to block at the firewall level, you need to determine what type firewall you're using and its setup. Most firewalls (unless misconfigured) should be set up to not allow any traffic in unless specifically allowed. If you're running a router w/ NAT and no "real" firewall, then that's where most people get burned. If anyone tells you NAT is a firewall, run the other direction as fast as you can. The other way people I know have gotten burned on the latest bug its that their outer perimeter is great but someone w/ a laptop goes home, dials up, gets infected, goes back to work and plugs in. These types of back doors will kill you every time. You can block these ports for this one but the next virus that comes out will require different ports, the next one will then require different ones, and so on. It'll be a never ending game of cat and house. The thing to do is to make sure things are locked down on your network to prevent these types of events and that all the proper systems are in place. You still can't guarantee yourself 100% (nothing in IT is 100%) but if you don't have the systems in place you'll be fighting for days every time a new event comes out. When I arrived at my current job we had none of these in place. After months of fighting, we now how these things in place and have had no viruses or Trojans of any type (knock on wood). Regards, Mike Liddekee Network Engineer Humco Holding Group, Inc. 7400 Alumax Dr. Texarkana, TX 75501 Ph: (903) 831-7808 ext 697 -----Original Message----- From: satish garimalla [mailto:satishgarimalla@xxxxxxxxxxx] Sent: Wednesday, August 27, 2003 8:33 AM To: [ExchangeList] Subject: [exchangelist] Block access to ports http://www.MSExchange.org/ Hi All, I know this is a bit off the topic.But, we are having problems with the recent virus attacks.We are in the process of eliminating this. As recommended by symantic web site, Iam supposed to block access to TCP port 4444 at the firewall level and also block tcp port 135 "DCOM RPC" and UDP port 69 , "TFTP" Can any body explain me how to do this as I am not so familiar with this.All I want to know is that how to block these ports(from command prompt ?? or from windows itself ??) Either may be the case, could you please explain me the steps in doing so ... Thanking you very much , Satish Garimalla _____ Narain Karthikeyan. He's fast, really fast. Want to meet him? <http://g.msn.com/8HMXENIN/2731??PS=> ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=exchangelist Exchange Newsletters: http://www.msexchange.org/pages/newsletter.asp Exchange FAQ: http://www.msexchange.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: Leading Network Software Directory: http://www.serverfiles.com No.1 ISA Server Resource Site: http://www.isaserver.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this MSExchange.org Discussion List as: mliddekee@xxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub')