RE: Windows File Sharing with IPCop

From: Benjamin D. Goldman (bgoldman@kipany.com)
Date: 08/21/02 

Date: Wed, 21 Aug 2002 12:21:16 -0400
From: "Benjamin D. Goldman" <bgoldman@kipany.com>
To: "Bryan Ponnwitz" <bponnwit@btboces.org>, <focus-ms@lists.securityfocus.COM>

even without NetBios, you probably have to open up the RPC, etc etc
ports... the ones that you should always block..

135-139... someone correct me if I am wrong - but I dont think you can
even use the browsing capability (which is still required even without
netbios use explicitly) without having these open.

-----Original Message-----
From: Bryan Ponnwitz [mailto:bponnwit@btboces.org]
Sent: Tuesday, August 20, 2002 8:36 PM
To: focus-ms@lists.securityfocus.COM
Subject: Windows File Sharing with IPCop

I've run into a road block with my IPCop firewall and I'm hoping for
some help. Here's the scenario:

I'm running IPCop at work to segment me from the rest of the network. I
have a WinXP box behind my IPCop firewall. The XP machine is acting as
a File and Printer Sharing and Terminal Services server. File sharing
is configured for TCP/IP (no NetBIOS). I would like to be able to
access the WinXP box from the outside network. I looked on the
Microsoft support site, and found that you need to forward 445/TCP and
445/UDP to get it to work. I set this up and still cannot access the
shares. I did the exact same setup for Terminal Services (except on
port 3389) and it works like a charm. When I try to telnet to port 445
on the IPCop machine from the external network, it doesn't connect which
makes me think that it's a problem with IPCop. Could it be that IPCop
runs it's secure web UI on port 445 and is therefore blocking that port?
Any help would be much appreciated!!

Bryan Ponnwitz
Webmaster - Broome-Tioga Boces
bponnwit@btboces.org
(607) 763-3609

Relevant Pages

  • Re: netBIOS Alert
    ... My Network Places has disappeared from the desk top, ... Lastly, I like Zonealarm. ... That'll fix your NetBIOS ... the probe could be a port scan. ...
    (comp.security.firewalls)
  • Re: Closing NetBios Port
    ... Check ceconfig.h in your flat release folder and see if NetBIOS is really ... I've tried to do what you explained, and the netBios UDP port 137 ... The only element I had not removed is the Core Server Support, ... works connected to a Ethernet Network. ...
    (microsoft.public.windowsce.platbuilder)
  • Re: Closing NetBios Port
    ... About the problem of the NetBIOS port, ... The only element I had not removed is the Core Server Support, ... works connected to a Ethernet Network. ...
    (microsoft.public.windowsce.platbuilder)
  • Re: netBIOS Alert
    ... That'll fix your NetBIOS ... >it a bit differently than NT and 98, which are the only Windows ... >>I checked in Network and I have no tab that says NetBios. ... the probe could be a port scan. ...
    (comp.security.firewalls)
  • Re: ADSOpenObject
    ... you have then taken away by unplugging the NIC. ... Remember that a port is ... just trying to figure out what happens if the network is lost and what the ... > It could be an interaction between your use of the NETBIOS name and ADSI ...
    (microsoft.public.windows.server.active_directory)