From owner-freebsd-questions Mon Mar 26 14:44:39 2001 Delivered-To: freebsd-questions@freebsd.org Received: from rknebel.uplink.net (rknebel.uplink.net [209.173.88.243]) by hub.freebsd.org (Postfix) with ESMTP id B221237B71F for ; Mon, 26 Mar 2001 14:44:35 -0800 (PST) (envelope-from rknebel@uplink.net) Received: from [192.168.1.2] (mac.uplink.net [192.168.1.2]) by rknebel.uplink.net (8.11.1/8.11.1) with ESMTP id f2QMh7R13881 for ; Mon, 26 Mar 2001 17:43:09 -0500 (EST) (envelope-from rknebel@uplink.net) Mime-Version: 1.0 X-Sender: rknebel@rknebel.uplink.net Message-Id: Date: Mon, 26 Mar 2001 17:39:23 -0500 To: questions@freebsd.org From: Rick Knebel Subject: firewall Content-Type: text/plain; charset="us-ascii" ; format="flowed" Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Hi, I have set up a simple firewall for my home network and it seems to be working fine. I do run samba to file share with the other computers on my network. I recently had my IP caned for a security and it came back with the following info. 137 udp netbios-ns open or filtered Windows 9x and Windows NT use this port to locate other systems on the network with NetBIOS name lookups. Windows NT may also use this port for a logon sequence, and other login security related processes. Leaving this port open may allow an intruder to find an entire list of computers in your workgroup. 138 udp netbios-dgm open or filtered Windows 9x and Windows NT uses this port to locate other systems on the network and allow users to browse folders and printers on this computer. Windows may also use this port for NetLogin sequences and NT Directory replication. Leaving this port open may allow an intruder to find an entire list of computers in your workgroup. These two ports 137 nad 138. Can they be blocked and still be able to run samba? Thanks Rick -- Rick Knebel rknebel@uplink.net http://members.tripod.com/~Rick_Knebel/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message