Kitz ADSL Broadband Information
adsl spacer  
Support this site
Home Broadband ISPs Tech Routers Wiki Forum
 
     
   Compare ISP   Rate your ISP
   Glossary   Glossary
 
Please login or register.

Login with username, password and session length
Advanced search  

News:

Author Topic: SMB - Windows Relay Attack works over Internet as well as LAN. (SANS/CSO)  (Read 2725 times)

AArdvark

  • Kitizen
  • ****
  • Posts: 1008

Windows Relay Attack For Non-Local Systems
http://www.csoonline.com/article/2966120/security/researchers-find-way-to-steal-windows-active-directory-credentials-from-the-internet.html#tk.rss_all

An attack using the SMB file sharing protocol that has been believed to work only within local area networks for over a decade can also be executed over the Internet, two researchers showed at the Black Hat security conference.

===========================================================================

(Yet another instance of attack the 'common everyday' protocols)
Ensure that ports 137, 138, 139 & 445 are not allowed to go out over the Internet.
(Block in your firewall)

Update: Fixed Typo
« Last Edit: August 25, 2015, 02:40:58 AM by AArdvark »
Logged

Weaver

  • Senior Kitizen
  • ******
  • Posts: 11459
  • Retd s/w dev; A&A; 4x7km ADSL2 lines; Firebrick

> Ensure that ports 137, 138, 139 & 443 are not allowed to go out over the Internet.

Was already done.

    <rule-set name="Out block: ports blocked" target-port="135-139 445 3544" target-interface="PPPoE" no-match-action="reject"/>


! Don't you mean 445, rather than 443 ?
Logged

AArdvark

  • Kitizen
  • ****
  • Posts: 1008

@weaver
Yes, I cannot type :)
Sometimes your fingers type what they want !!


Sent from my LG-D855 using Tapatalk

Logged

Weaver

  • Senior Kitizen
  • ******
  • Posts: 11459
  • Retd s/w dev; A&A; 4x7km ADSL2 lines; Firebrick

> Sometimes your fingers type what they want

Don't I know it! :-)
Logged
 

anything