Re: ?router problem-blocking ports 137-8

From: Lars M. Hansen (badnews_at_hansenonline.net)
Date: 06/30/03 

Date: Sun, 29 Jun 2003 22:41:11 GMT

On Sun, 29 Jun 2003 21:35:11 GMT, JClark spoketh

>Interesting, David. But mine seems to be blocking traffic for ports
>137 and 138 anyway, so I guess I'm safe from that. I'm not sure what
>my firewall does about resolving IP addresses to DNS addresses. I know
>that for any log entry, blocked or permitted, you can use a built in
>IP tracer, and once you get the name of the organization which owns
>that address, you can also click on "reverse DNS" to get more
>information.
>With a single computer, do I ever need to permit traffic over ports
>137 and 138?
>Maybe I should just write a rule to block incoming and outgoing TCP
>and UDP packets over those ports.
>And where does my linksys router fit into all this?
>Sorry for ignorance!
>
>Jack
>
>Thanks.
>
>Jack

The Linksys router never tries to look up these names, but if you're
using a third party log analyser, it may attempt to look up these names.
If you can, try disabling the name lookup feature, and see if that helps
any.

The NetBIOS ports are already blocked coming in, but not going out. You
can add a simple rule to block ports 135-139 TCP & UDD and another for
port 445 (if you're using W2K or WXP).

Whether or not you have more than one computer on the LAN is irrelevant.
The router only blocks traffic between its WAN side and LAN side, and
not between hosts on the LAN side even if they are both/all physically
connected to the router.

Lars M. Hansen
http://www.hansenonline.net
(replace 'badnews' with 'news' in e-mail address)

Relevant Pages

  • Re: ?router problem-blocking ports 137-8
    ... On Sun, 29 Jun 2003 22:41:11 GMT, Lars M. Hansen ... But mine seems to be blocking traffic for ports ... >The Linksys router never tries to look up these names, ... >Whether or not you have more than one computer on the LAN is irrelevant. ...
    (comp.security.firewalls)
  • Re: Anyone using Linksys WUSB54G with Check Point VPN-1
    ... > connect to our gateway server, I've tried forwarding numerous ports on ... > the wusb54g system and even putting the wireless system into a DMZ, ... > The ports I've tried forwarding on the linksys router are ...
    (microsoft.public.windowsxp.work_remotely)
  • Re: Linux vs LinkSys 4 port Cable router
    ... >> I also have all the ports closed on the Linksys router. ... >> outside attempts to access my FTP server? ... I have the Linksys BEFSR41 and no ports are forwarded. ...
    (comp.os.linux.security)
  • Re: Linux vs LinkSys 4 port Cable router
    ... >> I also have all the ports closed on the Linksys router. ... >> outside attempts to access my FTP server? ... I have the Linksys BEFSR41 and no ports are forwarded. ...
    (comp.security.firewalls)
  • Re: Is an ethernet switch totally transparent?
    ... I have a Linksys router which has four LAN ports. ... Could it be one of the Linksys router ports which is misconfigured? ... That would do it - the switch would see the same MAC address on two ...
    (uk.telecom.broadband)