Hi Brian, That should read: "I've got no problem with that" :-) Thanks! Tom Thomas W Shinder www.isaserver.org/shinder <http://www.isaserver.org/shinder> ISA Server and Beyond: http://tinyurl.com/1jq1 Configuring ISA Server: http://tinyurl.com/1llp <http://tinyurl.com/1llp> -----Original Message----- From: Thomas W Shinder Sent: Tuesday, August 12, 2003 10:58 AM To: [ISAserver.org Discussion List] Subject: [isalist] Re: Blocking w32.blaster.worm? http://www.ISAserver.org Hi Brian, If you don't need it, close it. I've got to problem with that. But I have a lot of people using Exchange RPC publishing rules to access the Exchange Servers from on the road. These folks are safe, but authoritative sources say thou shalt close TCP 135 without consideration of the fact that at least one firewall (and the only one that I know of) protects you from the exploit. Of course the Exchange servers were the first ones to be patched and are the ones monitored most closely, but that's always the case. But, if you don't need the service that port services, close it. Thats always wise advice and consistent with the principle of least privilege. HTH, Tom Thomas W Shinder www.isaserver.org/shinder <http://www.isaserver.org/shinder> ISA Server and Beyond: http://tinyurl.com/1jq1 Configuring ISA Server: http://tinyurl.com/1llp <http://tinyurl.com/1llp>