MacSecure.com
A Mac Security Blog

Firewall Rules for Quicktime RTSP Vulnerability

See here. Just a quick note: if you read the Symantec advisory regarding the Quicktime RTSP Header Vulnerability, they mention blocking certain traffic if you’re worried about the exploit, which appears to be Windows-specific at this point. In the interest of being safe, though, here is a set of ipfw rules for blocking access as suggested:

01000   0     0 deny tcp from me to not me dst-port 554 out
01100   0     0 deny tcp from me to 85.255.117.212 out
01200   0     0 deny tcp from me to 85.255.117.213 out
01300   0     0 deny tcp from me to 216.255.183.59 out
01400   0     0 deny tcp from me to 69.50.190.135 out
01500   0     0 deny tcp from me to 58.65.238.116 out
01600   0     0 deny tcp from me to 208.113.154.34 out

You can enter these rules on the command line (in Terminal or iTerm) using ‘ipfw’, or through WaterRoof.
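
The listing above is in the format that 'ipfw show' prints (rule number, packet count, byte count, rule), so it cannot be pasted into a shell as is. As an added example, not part of the original post, this script converts such lines into 'ipfw add' commands and prints them without applying anything; the function names and the 192.0.2.10 sample address are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: turn `ipfw show`-style lines into `ipfw add` commands.
# It only prints the commands; nothing is loaded into the firewall.

# Constructed sample input: the port 554 rule is from the post, the second
# rule uses a documentation address (192.0.2.10) as a placeholder.
sample_listing() {
cat <<'EOF'
01000   0     0 deny tcp from me to not me dst-port 554 out
01100   0     0 deny tcp from me to 192.0.2.10 out
EOF
}

# Reads listing lines on stdin, writes one command per line on stdout.
# Exits non-zero if any line was rejected.
listing_to_commands() {
    awk '
    function reject(why) {
        printf "line %d rejected: %s\n", NR, why | "cat 1>&2"
        bad = 1
    }
    NF == 0 { next }                      # ignore blank lines
    {
        # Fields 1-3 are rule number, packet count and byte count.
        if ($1 !~ /^[0-9]+$/ || $2 !~ /^[0-9]+$/ || $3 !~ /^[0-9]+$/) {
            reject("expected number, packets, bytes, rule"); next
        }
        num = $1 + 0                      # 01000 -> 1000, plain decimal
        if (num < 1 || num > 65534) { reject("rule number out of range"); next }
        # This post only blocks traffic, so anything but deny is suspicious.
        if ($4 != "deny") { reject("action is not deny"); next }
        body = $4
        for (i = 5; i <= NF; i++) body = body " " $i
        # Refuse characters that mean something to the shell.
        if (body !~ "^[A-Za-z0-9 .:,/-]+$") { reject("unexpected character"); next }
        printf "ipfw add %d %s\n", num, body
    }
    END { exit bad + 0 }
    '
}

sample_listing | listing_to_commands
```

Review the printed commands before running them as root; ipfw needs root privileges to change the rule set.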
