|
Posted by Don Kelloway on February 20, 2005, 4:58 am
If you were Registered and logged in, you could reply and use other advanced thread options > Can someone explain a few things about Netbios for me? I'm running a
> Win2k
> machine here, no router, connected to the internet via a cable modem. The
> usual software firewalls. I was playing around today and am confused
> about
> a few things now.
>
> I unloaded the software firewall (disabled it) and went to scan.sygate.com
> and did some scans. First, I did a TCP scan, and it showed that my ISP is
> blocking ports 135, 137-139 and so on. When I do a UDP scan, it says that
> my ports 137-139 are OPEN.
>
> Question: Why would my ISP block TCP Netbios, but not UDP Netbios? Isn't
> Netbios UDP anyway?
>
> Another question: If I ran without any firewall under the above
> conditions, would people then be able to see what's on my hard drive via
> UDP Netbios? Or is a TCP connection needed for this? Am I in danger with
> UDP Netbios ports open but TCP Netbios ports blocked?
>
> I also went into Windows network places config and disabled Netbios
> completely and unchecked the other networking boxes. Just left TCP/IP
> intact. So Netbios should be disabled. However, when I do a UDP scan at
> Sygate, it still shows my 137-139 ports OPEN. What and why is this???
>
> I'd appreciate any answers/comments to these questions. They probably
> show
> my ignorance, but I'm curious. Don't have much experience with Netbios or
> networks... Thanks to any and all...
>
TCP port 139 and UDP ports 137-138 are used for Microsoft NetBIOS
TCP port 139 is used to connect to a mapped/shared drive or directory on a
Windows PC.
UDP port 137-138 is used to enumerate a Windows PC.
For reference TCP/UDP port 135 is used for Microsoft RPC.
--
Best regards, from Don Kelloway of Commodon Communications
Visit http://www.commodon.com to learn about the "Threats to Your Security
on the Internet".
| 
Yahoo! 
Google 
Windows Live 
del.icio.us 
digg 
Netscape 
XML site map