Solved

possible intruder alert

Posted on 2003-12-11
7
251 Views
Last Modified: 2010-04-11
I have my cisco set up and my router keeps denying a call on port 135. Can anyone tell me what this is or help me research this.

Thanks, Troy
0
Comment
Question by:troyd1
7 Comments
 
LVL 19

Accepted Solution

by:
Dexstar earned 25 total points
Comment Utility
@troyd1:

> Can anyone tell me what this is or help me research this.

Port 135 is used by Microsoft for RPC.  Read all about it:
http://nsit.uchicago.edu/alert/port-135.html

Hope That Helps,
Dex*
0
 
LVL 18

Assisted Solution

by:chicagoan
chicagoan earned 25 total points
Comment Utility
0
 
LVL 79

Expert Comment

by:lrmoore
Comment Utility
A router can only deny what it is told to. Do you have any access-lists?
Perhaps the ISP is blocking tcp 135 further upstream. This is a recent phenomenon since the outbreak of MSBlast and Welchia worms.

0
Free camera licenses with purchase of My Cloud NAS

Milestone Arcus software is compatible with thousands of industry-leading cameras for added flexibility. Upon installation on your My Cloud NAS, you will receive two (2) camera licenses already enabled in the software. And for a limited time, get additional camera licenses FREE.

 

Expert Comment

by:brianrance
Comment Utility
Sounds like Welchia or Blaster or one of the other RPC exploiters are knocking.  Luckily, you have a firewall.  I recommend you leave 135 blocked.  And find out the source of the requests (there should be an associated IP Address).  Report this IP address to your ISP and ask them to investigate it, as the source Host may be infected with a Virus/Worm.

And remember, the triad of virus protection:
1. Firewall
2. Up To Date Antivirus Software
3. Latest Operating System patches and fixes whether they be MS, *nix, or Mac
0
 
LVL 18

Expert Comment

by:chicagoan
Comment Utility
If it ticks you off that you're being probed, take a look at http://www.dshield.org/fightback.php
There some good info about security there as well.
0
 

Expert Comment

by:brianrance
Comment Utility
oh, and listen to Irmoore.  If you take a look to the right, at that list of the Top 15 Experts...
0
 

Author Comment

by:troyd1
Comment Utility
Thanks for all the info. This was all good info.
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

Suggested Solutions

Title # Comments Views Activity
Link Aggregation 2 31
VMware NSX version 6.2.2 upgrade 6.2.4 6 47
Security Alert 2 38
Slow internet - due to unknown uploads 9 56
What’s a web proxy server? A proxy server is a server that goes between clients and web servers, used in corporate to enforce corporate browsing policy and ensure security. Proxy servers are commonly used in three modes. A)    Forward proxy …
Join Greg Farro and Ethan Banks from Packet Pushers (http://packetpushers.net/podcast/podcasts/pq-show-93-smart-network-monitoring-paessler-sponsored/) and Greg Ross from Paessler (https://www.paessler.com/prtg) for a discussion about smart network …
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now