How can I create a rule in version 2.04 that will block any traffic through port 135, the one that was exploited by the Blaster worm.
Though it’s irreverent to your Question, you using Look ‘n’ Stop v2.04 or v2.04p2? In EnhancedRulesSet.rls you’ll see “TCP : Block WinNuke” rule, just export that and import it back in-to the rule-set and place it below “TCP : Block incoming connections” rule and make modification to the rule-name, description and the source port (139), just change it to 135…. Though if you using EnhancedRulesSet.rls (one of Look ‘n’ Stop’s Default rule-sets) and you have TCP SPI Activated, then you shouldn’t need that additional rule. “TCP : Block incoming connections” rule should block the Connection attempts onto ALL your TCP ports (0-65534), unless you added additional inefficient rule or rules to the rule-set…
