Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.

Dismiss

Ports 3389 and 27374 to be blocked Mon. Aug 26

2 views

Skip to first unread message

j...@mailbox.slac.stanford.edu

unread,

Aug 19, 2002, 2:22:41 PM8/19/02

to comp-...@slac.stanford.edu

Starting Monday, August 26, we will block TCP ports 3389 and
27374 at the SLAC firewall. These ports are used by Microsoft's
Remote Desktop Protocol (RDP) and the SubSeven trojan horse
program, respectively.

RDP, which is installed by default with Windows XP Professional,
allows remote logins to Windows machines. It has had some
serious security problems, especially if not configured properly.
SLAC users that need Remote Desktop functionality from offsite
still will be able to use it via a VPN tunnel [1].

The SubSeven trojan is mainly used by (black hat) hackers to
control a victim's machine. Its default port, 27374, is
consistently one of the most-heavily-scanned-for ports.

If you need offsite access to either of these ports but cannot use
VPN, please send email to SLAC Computer Security, security@slac.

[1] VPN at SLAC: see
https://www2.slac.stanford.edu/comp/winnt/SLACONLY/pptp/default.htm

--
John Halperin <j...@SLAC.Stanford.Edu>
SLAC Computer Security Team (Stanford Linear Accelerator Center)

0 new messages