Select Page

04/27/2017

Campus has notified SEASnet that a large number of machines on the network have  been infected with Double Pulsar. In order to stop the infection campus is planning on immediately blocking ports vulnerable from outside the UCLA network. The following ports/services will be affected:

Port Service
23 Telnet – unsecure text based remote connect
53 DNS – domain name resolution
67,68 DHCP – automatic IP assignment
111 SunRPC – unix service information
135-139 NetBios – network naming system
445 SMB – shared folder
1433 MS-SQL-S – Microsoft SQL database server
3306 MySQL – MySQL database
3389 RDP – windows remote desktop
9100 jetdirect – HP printer

A more detailed email is being sent out about this change.