how to shut off netbios-ns/port:137 (udp)

From: alex (PleaseReplyToNewsGroup_at_Thank.You)
Date: 06/04/03

• Next message: Jeff Cochran: "Re: Server hacked, problems removing some directories. HELP"
• Previous message: Andrew: "Re: Local Admin vs Domain Admin problems"
• In reply to: Alex Fitterling: "how to shut off netbios-ns/port:137 (udp)"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Wed, 4 Jun 2003 06:54:13 -0700

Hi, namesake.
You can down a service, or use 3-rd party utilities
(firewalls like ZoneAlarm or kind of this),or write a
program to close any port using win sockets (see MSDN it's
not so hard).

alex

>-----Original Message-----
>Dear Microsoft Users,
>
>when scanning certain win2k-clients in my network with
the opensource
>security tool nessus, I get following security warning:
>
>
>---
>Warning netbios-ns (137/udp) . The following 2 NetBIOS
names have been
>gathered : NAME = Computer 1) name that is registered for
the
>messenger service on a computer that is a WINS client.
BENUTZER1 =
>Computer name that is registered for the messenger
service on a
>computer that is a WINS client. . The remote host has
the following
>MAC address on its adapter : XXXXXXXXXXXXXXXXXXX 1)
>
>If you do not want to allow everyone to find the NetBios
name
>of your computer, you should filter incoming traffic to
this port.
>
>Risk factor : Medium
>CVE : CAN-1999-0621
>Nessus ID : 10150
>
>1) due to security reasons the values has been made
irrecognizable.
>----
>
>I definitely want to deactivate the whole port, not
allowing the
>clients to share anything on net. Is there a way to reach
this, or
>could that (only microsoft knows) for any reason be
dangerous?
>
>So far I took a look in certain newsgroups. There were
actually a
>whole bunch of inquiries I myself wasn't able to deal
with. So this is
>my own posting.
>
>Sincerely,
>
>Alex
>
>
>.
>

• Next message: Jeff Cochran: "Re: Server hacked, problems removing some directories. HELP"
• Previous message: Andrew: "Re: Local Admin vs Domain Admin problems"
• In reply to: Alex Fitterling: "how to shut off netbios-ns/port:137 (udp)"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: thin client com ports ... I'm glad that you got at least one more client working! ... MCSE, CCEA, Microsoft MVP - Terminal Server ... the COM port settings? ... I am testing several thin clients. ... (microsoft.public.windows.terminal_services) Re: network installation manager ... there is a firewall between master and client machines, ... NIM Communication within a Firewall Environment ... master via nimclient calls to the nimesis daemon. ... reserved port range of 1023-513. ... (comp.unix.aix) help: using smtp.gmail.com as SMART_HOST ... with my Google gmail address. ... is pop.gmail.com, using port 995. ... Retrieving mail is not the problem since my Google searches ... client, I believe the term is) to send my mail to Google's ... (comp.mail.sendmail) Re: DNS Injection Problem ... What it looks like is that your client is trying to run a number of ... run the Web server standalone and in a "chroot" jail that ... That's not what your port scan says. ... world's premier event for IT and network security experts. ... (Incidents) Re: Unable to print to networked printer - get access denied messa ... Check the permissions on the server assuming the client has a true RPC ... How is the Standard TCP/IP port configured for the device? ... (microsoft.public.windowsxp.print_fax)

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint