[AusNOG] Some ZyXEL routers vulnerable to DoS

Quentin Rittman quentinrittman at internode.on.net
Wed Jan 15 18:32:21 EST 2014 

from my iinet customer toolbox:
"
Port 25 (smtp) inbound and outbound
Port 80 (http) inbound
Port 135 DCOM SCM inbound
Port 139 (netbeui/ipx) inbound
Port 443 inbound
Port 445 Microsoft Windows File sharing / NETBIOS inbound


from my internode toolbox:

Outbound

Port 25 (SMTP) to anywhere except mail.internode.on.net
Port 135 - RPC
Port 137 - NetBIOS
Port 138 - NetBIOS
Port 139 - NetBIOS
Port 445 - SMB/CIFS
Inbound

Windows File Sharing

Port 135 - RPC
Port 137 - NetBIOS
Port 138 - NetBIOS
Port 139 - NetBIOS
Port 445 - SMB/CIFS
Servers and Web

Port 22 - Secure Shell (SSH)
Port 23 - Telnet
Port 80 - Web pages (HTTP)
Port 443 - Secure web pages (HTTPS)
Port 3128 - Web proxy server
Port 8080 - Web proxy server


On 15 Jan 2014, at 6:20 pm, Joshua D'Alton <joshua at railgun.com.au> wrote:

> Still is. Can't remember the exact ports, think 21-25 80 443 8080  . Might be a BoB thing also.
> 
> 
> On Wed, Jan 15, 2014 at 3:57 PM, Damian Guppy <the.damo at gmail.com> wrote:
> Once upon a time iiNet did this as well, it was just something you toggled in Toolbox, not sure if that is still the case.
> 
> --Damian
> 
> 
> On Wed, Jan 15, 2014 at 12:55 PM, Robert Hudson <hudrob at gmail.com> wrote:
> On 15 January 2014 15:49, Tim March <march.tim at gmail.com> wrote:
> Surely the easy answer here, at least the carriers who are already
> filtering, is to go;
> 
> "OK, we know this is a huge risk so we're doing this. Call us if you
> want the port re-enabled."
> 
> This is exactly what Internode do.  They have a standard set of ports they block, and that's turned on by default on all consumer services.  You can fiddle with the settings under your account management tools on their website.
> 
> _______________________________________________
> AusNOG mailing list
> AusNOG at lists.ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog
> 
> 
> 
> _______________________________________________
> AusNOG mailing list
> AusNOG at lists.ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog
> 
> 
> _______________________________________________
> AusNOG mailing list
> AusNOG at lists.ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20140115/4a4c9c35/attachment.html>

More information about the AusNOG mailing list