Date: Mon, 22 Feb 1999 10:18:36 -0500
From: "Christopher J. Michaels" <cjm2@earthling.net>
To: "'Nana Ni.'" <raha49@hotmail.com>
Cc: <freebsd-questions@FreeBSD.ORG>
Subject: RE: UDP/TCP Ports 137, 138, 139
Message-ID: <000801be5e76$9e5253e0$0a00000a@maxpower.weeble.nws.net>
In-Reply-To: <19990221161921.17345.qmail@hotmail.com>

If you just block all traffic going over the firewall's outside interface on
those ports you'll be fine. The rules I use are the following...

    01000 deny tcp from any 137-139 to any via tun0
    01000 deny udp from any 137-139 to any via tun0
    01001 deny tcp from any to any 137-139 via tun0
    01001 deny udp from any to any 137-139 via tun0

tun0 being my interface to the outside world, and yes I know netbios is udp
but I'm a bit paranoid I guess.

Hope this helps.
-Chris

-----Original Message-----
From: Nana Ni. [mailto:raha49@hotmail.com]
Sent: Sunday, February 21, 1999 11:19 AM
To: cjm2@earthling.net
Cc: freebsd-questions@FreeBSD.ORG
Subject: RE: UDP/TCP Ports 137, 138, 139

Dear Chris,

You're right, I must explain the case more clearly.
Actually, I want to block any packet with source or destination port equal
to 137, 138 or 139 from coming in or going out of our intranet. It will be
done on our firewall, which is IPFW on FreeBSD. So NetBIOS connections will
be allowed inside our intranet, but be denied from going out or coming in.
I'd like to make sure that it doesn't make any restriction for existing
services.

Thanks,
Nazila

>
>Yes you could just block incoming connections from your firewall on these
>ports. Although reading your message I'm not sure I understand exactly what
>you want to block. Are you intending on blocking netbios connections coming
>from an outside network to an inside network, or are you just blocking these
>connections to the FreeBSD machine?
>-Chris
>
>-----Original Message-----
>From: owner-freebsd-questions@FreeBSD.ORG
>[mailto:owner-freebsd-questions@FreeBSD.ORG]On Behalf Of Nana Ni.
>Sent: Sunday, February 21, 1999 12:54 AM
>To: freebsd-questions@FreeBSD.ORG
>Subject: UDP/TCP Ports 137, 138, 139
>
>
>Hi,
>
>I've read that UDP/TCP ports 137-139, which are used for NetBIOS, can be
>a security threat to the system. Does anybody know if I can block at
>least incoming packets of this kind on the firewall without making any
>restrictions for Windows (NT/95) PCs?
>
>Thanks,
>Nazila N.
>
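
Added example (not part of the original thread, and not ipfw's own code): a small first-match evaluator for the four rules quoted above, run over constructed sample packets to show which traffic they deny on tun0 and that traffic on an inside interface never matches them. It parses only the subset of rule syntax those four lines use; the interface name ed0 and the sample packets are assumptions made for illustration.

```python
import re
from collections import namedtuple

# The four rules from the message, verbatim.
RULES_TEXT = """\
01000 deny tcp from any 137-139 to any via tun0
01000 deny udp from any 137-139 to any via tun0
01001 deny tcp from any to any 137-139 via tun0
01001 deny udp from any to any 137-139 via tun0
"""

# src_ports / dst_ports are a range, or None when the rule accepts any port.
Rule = namedtuple("Rule", "number action proto src_ports dst_ports iface")

RULE_RE = re.compile(
    r"^(\d+) (\w+) (\w+) from any(?: (\d+)-(\d+))? to any(?: (\d+)-(\d+))? via (\S+)$")

def parse_rules(text):
    """Parse the subset used above: 'any' addresses, optional lo-hi port range."""
    rules = []
    for line in text.splitlines():
        m = RULE_RE.match(line.strip())
        if not m:
            raise ValueError(f"unsupported rule: {line!r}")
        num, action, proto, s_lo, s_hi, d_lo, d_hi, iface = m.groups()
        src = range(int(s_lo), int(s_hi) + 1) if s_lo else None
        dst = range(int(d_lo), int(d_hi) + 1) if d_lo else None
        rules.append(Rule(int(num), action, proto, src, dst, iface))
    return rules

def first_match(rules, proto, sport, dport, iface):
    """Return the first matching rule (ipfw stops at the first match), or None.
    'via' matches a packet crossing the interface in either direction."""
    for r in rules:
        if (r.proto == proto and r.iface == iface
                and (r.src_ports is None or sport in r.src_ports)
                and (r.dst_ports is None or dport in r.dst_ports)):
            return r
    return None

RULES = parse_rules(RULES_TEXT)
# Constructed packets: (proto, src port, dst port, interface); ed0 = hypothetical inside NIC.
SAMPLES = [("udp", 137, 137, "tun0"), ("tcp", 40000, 139, "tun0"),
           ("tcp", 139, 40000, "tun0"), ("tcp", 40000, 139, "ed0"),
           ("tcp", 40000, 80, "tun0")]

if __name__ == "__main__":
    for pkt in SAMPLES:
        hit = first_match(RULES, *pkt)
        print(pkt, "->", f"{hit.action} rule {hit.number:05d}" if hit else "no match")
```

A packet that matches none of these four rules continues to whatever rules follow them in the ruleset, which this example does not model.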