Firewall Rules for Quicktime RTSP Vulnerability
See here. Just a quick note: if you read the Symantec advisory regarding the Quicktime RTSP Header Vunerability, they mention blocking certain traffic if you’re worried about the exploit — which appears to be Windows specific at this point. In the interest of being safe though, here is a set of ipfw rules for blocking access as suggested:
01000 0 0 deny tcp from me to not me dst-port 554 out
01100 0 0 deny tcp from me to 85.255.117.212 out
01200 0 0 deny tcp from me to 85.255.117.213 out
01300 0 0 deny tcp from me to 216.255.183.59 out
01400 0 0 deny tcp from me to 69.50.190.135 out
01500 0 0 deny tcp from me to 58.65.238.116 out
01600 0 0 deny tcp from me to 208.113.154.34 out
You can put these in on a command line (via Terminal or iTerm) using ‘ipfw’ or using WaterRoof.
Loading...