Date: Thu, 30 Nov 2000 13:00:27 -0600 From: "Chuck Rock" <carock@epconline.net> To: <freebsd-security@FreeBSD.ORG> Subject: RE: 137/udp Message-ID: <003f01c05aff$cd481ef0$1805010a@epconline.net> In-Reply-To: <3A26A013136.BF8AMELON@postman.orangenetwork.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Port 137 is NetBIOS Name Service, and NetBIOS is used by Windows for network communications. You have some users with the Microsoft Client in their network configuration trying to speak to your firewall, and these packets are getting rejected. The users with the Microsoft client may have a huge security hole if they are coming in from the Internet. That would mean their computer is either listening on their Internet IP's for other network clients, or they are specifically scanning for computers configured this way so they can try to log into them for themselves. My 2 cents, Chuck > -----Original Message----- > From: owner-freebsd-security@FreeBSD.ORG > [mailto:owner-freebsd-security@FreeBSD.ORG]On Behalf Of Melon > Sent: Thursday, November 30, 2000 12:45 PM > To: freebsd-security@FreeBSD.ORG > Subject: 137/udp > > > Hello, > > All network administrator may always see rejected 137/udp packet... > > I want to know how these udp packets are occured? > I expect some stupid kids attacked me. However, is there any exception? > > Someone sent only 3 137/udp packets to specific IP address. In general, > these stupid does not sent to specific IP address, sent to all IP > addresses I have. > > Any suggestions appreciated. > > - Melon > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?003f01c05aff$cd481ef0$1805010a>