Date: Mon, 26 Mar 2001 23:19:36 -0500
From: Bill Moran <wmoran@iowna.com>
To: Rick Knebel <rknebel@uplink.net>
Cc: questions@FreeBSD.ORG
Subject: Re: firewall
Message-ID: <3AC014D8.E7AC067F@iowna.com>
References: <p05001900b6e574f8558d@[192.168.1.2]>

Rick Knebel wrote:
>
> Hi,
> I have set up a simple firewall for my home network and it seems to
> be working fine.
>
> I do run samba to file share with the other computers on my network.
> I recently had my IP scanned for a security and it came back with the
> following info.
>
> 137 udp netbios-ns open or
> filtered Windows 9x and Windows NT use this port to locate other
> systems on the network with NetBIOS name lookups. Windows NT may also
> use this port for a logon sequence, and other login security related
> processes. Leaving this port open may allow an intruder to find an
> entire list of computers in your workgroup.
>
> 138 udp netbios-dgm open or
> filtered Windows 9x and Windows NT use this port to locate other
> systems on the network and allow users to browse folders and printers
> on this computer. Windows may also use this port for NetLogin
> sequences and NT Directory replication. Leaving this port open may
> allow an intruder to find an entire list of computers in your
> workgroup.
>
> These two ports 137 and 138. Can they be blocked and still be able to
> run samba?

Yes and No. If you want to connect to the Samba share, those ports must
be open. I would recommend building a set of firewall rules that only
allow connections on those ports from IP addresses that you trust and
rejecting any other connection attempt.

-Bill
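
One way to express the approach recommended in the reply above, as an added example that is not part of the original message: a script that prints ipfw rules admitting UDP 137 and 138 only from trusted networks and dropping them from every other source. It assumes ipfw is the firewall in use (the thread does not say); the function names, rule numbers and the 192.168.1.0/24 network are placeholders.

```shell
#!/bin/sh
# Added example: generate ipfw rules for the NetBIOS ports named in the scan
# report (UDP 137 and 138). Assumption: ipfw; numbers and networks are placeholders.

# valid_cidr ADDR[/LEN]: succeeds only for a dotted-quad IPv4 address, optional /0-32.
valid_cidr() {
    addr=${1%%/*}
    len=32
    case $1 in */*) len=${1#*/} ;; esac
    case $len in ''|*[!0-9]*) return 1 ;; esac
    [ "${#len}" -le 2 ] && [ "$len" -le 32 ] || return 1
    case $addr in *[!0-9.]*|.*|*.|*..*) return 1 ;; esac
    old_ifs=$IFS; IFS=.
    set -- $addr            # split the address into its octets
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# netbios_rules BASE NET...: prints one allow rule per trusted network, then a
# logged deny for all other sources. Nothing is printed if any network is invalid,
# so a typo cannot produce a half-built rule set.
netbios_rules() {
    num=$1; shift
    [ $# -gt 0 ] || { echo "no trusted networks given" >&2; return 1; }
    for net in "$@"; do
        valid_cidr "$net" || { echo "bad network: $net" >&2; return 1; }
    done
    for net in "$@"; do
        # "to any" rather than "to me": NetBIOS lookups are sent to the broadcast address.
        echo "ipfw add $num allow udp from $net to any 137,138 in"
        num=$((num + 10))
    done
    echo "ipfw add $num deny log udp from any to any 137,138 in"
}

# Constructed sample run. ipfw stops at the first matching rule, so BASE must be
# lower than any broader "allow" rule already in the rule set.
netbios_rules 2000 192.168.1.0/24
```

The script only prints the commands; review the output before loading it as root.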