Network & Academic Computing Services
NetBIOS Ports Temporarily Blocked from Modem Pool

NACS > Security > NetBIOS Blockage & Modem Pool

Summary: NetBIOS ports will be temporarily blocked from the UCI Modem Pool and Zotnet modems. This block will affect anyone using Exchange to read e-mail or sharing disk shares over the modem pools.

More Information: More information about the MSBLAST worm.

Tuesday, August 12, 2003

Due to the number of systems infected with the recent MSBLAST worm connecting to the campus via the modem pool and attacking systems on campus and elsewhere, NACS will be blocking the NetBIOS ports at the modem pool and on the Zotnet modems. This block is temporary and will be removed as soon as possible.

This block will affect anyone who is using Exchange to read email or anyone using disk shares over the modem pools.

We have made local copies of the patch for the MS RPC vulnerability that prevents systems from being compromised by the MSBLAST worm.

They are available from:

• ftp://ftp.uci.edu/distribution/dcom-patch
• http://www.nacs.uci.edu/security/MicrosoftRPCExploit.html

There are 4 patches available - one each for WinNT, Windows XP, Windows 2000, and Windows Server 2003.

Please let us know if you have any questions or comments; email to nacs@uci.edu or call x4222. We realize this will be an inconvenience to those who rely on the modem pools for Exchange email and other uses that involve NetBIOS, and we will try to remove the port blocks as soon as possible.

Top of Page

NACS > Security > Viruses > NetBIOS Blockage & Modem Pool

Updated: August 12, 2003

University of California, Irvine