posted on Friday, December 03, 2004 11:09 PM
by
bradley
Update on the WINS security issue
[First a disclosure - I'm still not freaking out, probably won't install this, but just an update]
The WINS security issue that I posted about the other day has had it's knowledge base article updated. First off they indicate as I stated that SBS 2000 and 2003 does indeed have WINS installed by default but, the good news is that we do not have the port 42 [the target port] open.
Right now I'm seeing some reports on the Net that they are seeing port 42 pings but I'm not seeing any remote attack that is trying to wiggle its way inside.
There are two actions you can take if you want to be extremely paranoid [for now, I'd just keep this in mind if we see things kick up going forward]
- First off if you have no 9x/legacy clients and are like me, 100% borg XP/2k style of firm you can disable WINS with no ill effects whatsoever as confirmed by Charlie in the 2K yahoogroup [thanks Steve for saying "Piffle" and setting me straight. [SEE just another reason to kill off those legacy workstations]
- Next there's a script that can be run to enable IPSec filters.
For now though, I'd just put these in your back pocket and not really make a big fuss.