Date: Tue, 27 Mar 2001 19:08:45 +0000 From: Josh Paetzel <jpaetzel@hutchtel.net> To: Rick Knebel <rknebel@uplink.net>, questions@FreeBSD.ORG Subject: Re: firewall Message-ID: <01032719094101.00297@mark9.vladsempire.net> In-Reply-To: <p05001900b6e574f8558d@[192.168.1.2]> References: <p05001900b6e574f8558d@[192.168.1.2]>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 26 Mar 2001, Rick Knebel wrote: > Hi, > I have set up a simple firewall for my home network and it seems to > be working fine. > > I do run samba to file share with the other computers on my network. > I recently had my IP caned for a security and it came back with the > following info. > > 137 udp netbios-ns </securitytest/images/caution.gif> open or > filtered Windows 9x and Windows NT use this port to locate other > systems on the network with NetBIOS name lookups. Windows NT may also > use this port for a logon sequence, and other login security related > processes. Leaving this port open may allow an intruder to find an > entire list of computers in your workgroup. > > > > 138 udp netbios-dgm </securitytest/images/caution.gif> open or > filtered Windows 9x and Windows NT uses this port to locate other > systems on the network and allow users to browse folders and printers > on this computer. Windows may also use this port for NetLogin > sequences and NT Directory replication. Leaving this port open may > allow an intruder to find an entire list of computers in your > workgroup. > > > These two ports 137 nad 138. Can they be blocked and still be able to > run samba? > > Yes. Block them with the firewall to the internet. There is no reason to allow packets from these services out to or in from the internet. Josh > Thanks > Rick > -- > Rick Knebel > rknebel@uplink.net > http://members.tripod.com/~Rick_Knebel/ > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?01032719094101.00297>