From owner-freebsd-questions Wed Feb 24 14:39:32 1999
Delivered-To: freebsd-questions@freebsd.org
Received: from mail2.gmx.net (mail2.gmx.net [195.63.104.62]) by hub.freebsd.org (Postfix) with SMTP id EDF5D1113B for ; Wed, 24 Feb 1999 14:39:20 -0800 (PST) (envelope-from Gerhard.Sittig@gmx.net)
Received: (qmail 12380 invoked by uid 0); 24 Feb 1999 20:20:56 -0000
Received: from ppp-pln163.freiepresse.de (HELO speedy.gsinet) (194.25.234.163) by mail2.gmx.net with SMTP; 24 Feb 1999 20:20:56 -0000
Received: from speedy.gsinet (sittig@speedy.gsinet [192.168.10.129]) by speedy.gsinet (8.8.8/8.8.8) with SMTP id UAA09667 for ; Wed, 24 Feb 1999 20:42:16 +0100
Date: Wed, 24 Feb 1999 20:42:16 +0100 (CET)
From: Gerhard Sittig
X-Sender: sittig@speedy.gsinet
Cc: freebsd-questions@FreeBSD.ORG
Subject: RE: UDP/TCP Ports 137, 138, 139
In-Reply-To: <000801be5e76$9e5253e0$0a00000a@maxpower.weeble.nws.net>
Message-ID:
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

On Mon, 22 Feb 1999, Christopher J. Michaels wrote:

> If you just block all traffic going over the firewall's outside interface on
> those ports you'll be fine.
>
> the rules I use are the following...
>
> 01000 deny tcp from any 137-139 to any via tun0
> 01000 deny udp from any 137-139 to any via tun0
> 01001 deny tcp from any to any 137-139 via tun0
> 01001 deny udp from any to any 137-139 via tun0
>
> tun0 being my interface to the outside world, and yes I know netbios is udp
> but I'm a bit paranoid I guess.

Not really, I guess :>

------------------------------------------------------------
[sittig@speedy] (529) ~ $ grep netbios /etc/services
netbios-ns      137/tcp         # NETBIOS Name Service
netbios-ns      137/udp
netbios-dgm     138/tcp         # NETBIOS Datagram Service
netbios-dgm     138/udp
netbios-ssn     139/tcp         # NETBIOS session service
netbios-ssn     139/udp
[sittig@speedy] (530) ~ $ head -15 /etc/services
#
# Network services, Internet style
#
# Note that it is presently the policy of IANA to assign a single well-known
# port number for both TCP and UDP; hence, most entries here have two entries
# even if the protocol doesn't support UDP operations.
# Updated from RFC 1340, ``Assigned Numbers'' (July 1992). Not all ports
# are included, only the more common ones.
#
# from: @(#)services 5.8 (Berkeley) 5/9/91
# $Id: services,v 1.9 1993/11/08 19:49:15 cgd Exp $
#
[sittig@speedy] (531) ~ $ netstat -a | grep netb
tcp        0      0 speedy.gsin:netbios-ssn *:*                     LISTEN
tcp        0      0 speedy.gsin:netbios-ssn *:*                     LISTEN
udp        0      0 *:netbios-ns            *:*
udp        0      0 *:netbios-dgm           *:*
udp        0      0 speedy.gsine:netbios-ns *:*
udp        0      0 speedy.gsin:netbios-dgm *:*
udp        0      0 speedy.gsine:netbios-ns *:*
udp        0      0 speedy.gsin:netbios-dgm *:*
[sittig@speedy] (532) ~ $
------------------------------------------------------------

Gerhard Sittig
--
If you don't understand or are scared by any of the above
ask your parents or an adult to help you.
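
Added example, not part of the original message or of either poster's setup: a Python check that compares the NetBIOS listeners from the netstat output above with deny rules of the shape quoted in the thread and lists any listener whose protocol and port no rule covers. The function names are hypothetical, the parser handles only that one rule shape, and it assumes no earlier rule accepts the traffic first.

```python
import re

# ipfw rules as quoted in the thread.
RULES = """\
01000 deny tcp from any 137-139 to any via tun0
01000 deny udp from any 137-139 to any via tun0
01001 deny tcp from any to any 137-139 via tun0
01001 deny udp from any to any 137-139 via tun0
"""
# Listener lines from the netstat output in the thread (duplicates dropped).
NETSTAT = """\
tcp 0 0 speedy.gsin:netbios-ssn *:* LISTEN
udp 0 0 *:netbios-ns *:*
udp 0 0 *:netbios-dgm *:*
"""
SERVICES = {"netbios-ns": 137, "netbios-dgm": 138, "netbios-ssn": 139}
# Matches only "<num> deny <proto> from any [ports] to any [ports] via <if>".
RULE_RE = re.compile(
    r"^\d+\s+deny\s+(tcp|udp)\s+from\s+any(?:\s+([\d,-]+))?"
    r"\s+to\s+any(?:\s+([\d,-]+))?\s+via\s+(\S+)$")

def ports(spec):
    """Expand a port spec such as '137-139' or '137,139' into a set."""
    out = set()
    for part in (spec or "").split(","):
        if part:
            lo, _, hi = part.partition("-")
            out.update(range(int(lo), int(hi or lo) + 1))
    return out

def dst_denied(rules, iface):
    """(proto, port) pairs denied by destination port on iface."""
    denied = set()
    for line in rules.splitlines():
        m = RULE_RE.match(line.strip())
        if m and m.group(4) == iface:
            denied |= {(m.group(1), p) for p in ports(m.group(3))}
    return denied

def listeners(netstat):
    """(proto, port) pairs for local sockets whose service is in SERVICES."""
    found = set()
    for f in (line.split() for line in netstat.splitlines()):
        if len(f) >= 4 and f[3].rsplit(":", 1)[-1] in SERVICES:
            found.add((f[0], SERVICES[f[3].rsplit(":", 1)[-1]]))
    return found

def uncovered(rules, netstat, iface="tun0"):
    """Listeners that no destination-port deny rule on iface covers."""
    return sorted(listeners(netstat) - dst_denied(rules, iface))
```

With all four rules the result is empty; with only the two udp rules it is `[("tcp", 139)]`, the netbios-ssn listener shown in the netstat output.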