[THIN] Re: MS03-049 on Citrix MF FR2 W2k

• From: Brian Delaney <brian.delaney@xxxxxxxxx>
• To: thin@xxxxxxxxxxxxx
• Date: Thu, 13 Nov 2003 15:31:06 -0500

I chose to approach it from both sides, I added access lists on our
internal router and our external router to block such traffic.
sh access-list listname displays several attempts at these ports...

"Stratton, Doug MSER:EX" wrote:

>
>
> Hello
> Just wanted to check with the list to see if anyone has deployed this
> patch and if so any problems.
>
> Anyone try the workaround where they block the ports:
> Block UDP ports 138, 139, 445 and TCP ports 138, 139, 445 at your
> firewall.
> These ports are used to accept a Remote Procedure Call (RPC)
> connection at a remote computer. Blocking them at the firewall will
> help prevent systems behind that firewall from being attacked by
> attempts to exploit this vulnerability.
>
> Or Disable the Workstation service.   (I am assuming this is defiantly
> a no go)

• References:
  • [THIN] MS03-049 on Citrix MF FR2 W2k
    • From: Stratton, Doug MSER:EX

Other related posts:

• » [THIN] MS03-049 on Citrix MF FR2 W2k
• » [THIN] Re: MS03-049 on Citrix MF FR2 W2k
• » [THIN] Re: MS03-049 on Citrix MF FR2 W2k

1. Home
2. thin
3. Archive
4. 11-2003

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---