|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: Home Storage Area Network security
> If it prevents network-debiliatating attacks like Blaster and friends, > YES. Ok I understand where you are coming from but that's a completely different requirement than your previous post suggested, protecting the network is the job of a network admin, protecting the applications using the network is something else entirely. As an example the recent nachia worm that causes network problems for some devices because of the arp request issue, can be solved by patching or replacing those devices that are susceptible to excessive arp request DOS. This in no way requires blocking any of the protocols, it's simply a vulnerability in certain devices that needs patched. Those devices are susceptible to attack, not from a worm or a protocol, but from a function of the network, and blocking the port a worm uses does nothing to protect those devices from attack via this vulnerability. It would be trivial to write an exploit that exposes this vuln and which blocking 135 provides no protection at all. Geo.
|