Home > Technical Support > IP Filtering Policy

IP Filtering Policy

In response to the numerous vunerabilities in certain Microsoft software we have begun blocking specific TCP/IP ports from our entire network. These ports are known to be used by worms and virii to spread to other computers and have been used in a number of well-known exploits.

It is the policy of CWIS Internet to examine outbreaks of dangerous vunerabilities and take steps to help protect our customers within our capabilities.

• TCP ports 135, 136, 137 (Microsoft File/Printer sharing, numerous exploits)
• UDP ports 135, 136, 137
• TCP port 445 (MS-SMB over TCP, "Blaster/LovSAN" exploit)
• TCP port 7567 ("QAZ" trojan/backdoor listener)
• TCP port 1434 (MS-SQL, "Slammer" worm)

• ICMP echo request/echo reply ("ping") with payloads of 92 bytes ("nachi" worm)
  Effects Windows "ping" utility. "ping" on other platforms unaffected.

These port blockings will not affect the majority of our customers or their ability to use the Internet. Some applications such as Microsoft Exchange, Microsoft file and printer sharing, Microsoft SQL legitimately use these ports. You should be able to work around these blocks with tools such as using virtual private network (VPN) or point to point tunneling. We recommend using VPN or tunneling methods to protect your data to these services at all times regardless.

If you are a customer with a dedicated connection, and must have access to any of these ports, please email admin@cwis.net so that we can adjust our filters to allow your traffic.