Re: 4000 to 5000 TCP hits in my Firewall log??



pdarrah@xxxxxxxxx wrote:
Jeff B wrote:
ports 135-139 + 445 are specific ports used by MS.
add a rule,
allow tcp/udp $your-lan-address/24 ports 135-139,445 ignore, nolog

eg: 139/445 are use for file/print sharing

Jeff B (remove the No-Spam to reply)

Hi Jeff - Does this mean that I shouldn't be concerned about this?

this is normal for MS, *BUT* you must enforce the access to
only your lan segment(s). ALL perimeter access *MUST* be denied!

> The
other computer isn't trying to "attack" this one? Why would this only
be occuring on one machine on the network.

see http://www.iss.net/security_center/advice/Exploits/Ports/135/
--
---
Jeff B (remove the No-Spam to reply)
.



Relevant Pages

  • Re: Connecting 54k dial up through 3com888 - small problem
    ... > dial up over a 54g network. ... > Jeff Liebermann provided me with some valuable info on the process. ... > The boot on LAN is deactivated in the desktop PC BIOS. ... Rob ...
    (alt.internet.wireless)
  • Re: URGENT: Network Problem!!
    ... On Wed, 2003-11-19 at 23:55, Jeff wrote: ... > I've got a major prob on my LAN. ... It can ping all the other boxes on the LAN but nothing on ... > gateway to make sure - reboot did nothing. ...
    (RedHat)
  • Re: Getting data from sheet stored on LAN
    ... Jeff ... and finally the $'s for an absolute reference. ... >> How do I refrence a cell on a sheet that resides on the lan? ...
    (microsoft.public.excel.programming)
  • Re: Sonicwall One-to-One NAT vs. DMZ
    ... Thanks Jeff! ... Panasonic network camera and through that get into my LAN are remote (the ... Panny network camera is the device I want to access), ... > in mind, if you use a DMZ port, and somebody breaks into the computer on ...
    (comp.security.firewalls)
  • Re: IIS root
    ... it a local domain (in your LAN) or an internet domain? ... Jeff ... >domain but not from anyother domain? ...
    (microsoft.public.inetserver.iis.security)