From owner-freebsd-security Mon May 24 8: 1:24 1999 Delivered-To: freebsd-security@freebsd.org Received: from adelphi.physics.adelaide.edu.au (adelphi.physics.adelaide.edu.au [129.127.36.247]) by hub.freebsd.org (Postfix) with ESMTP id 0193E14E89 for ; Mon, 24 May 1999 08:01:21 -0700 (PDT) (envelope-from kkennawa@physics.adelaide.edu.au) Received: from bragg (bragg [129.127.36.34]) by adelphi.physics.adelaide.edu.au (8.8.8/8.8.8/UofA-1.5) with SMTP id AAA23544; Tue, 25 May 1999 00:31:19 +0930 (CST) Received: from localhost by bragg; (5.65/1.1.8.2/05Aug95-0227PM) id AA06575; Tue, 25 May 1999 00:32:14 +0930 Date: Tue, 25 May 1999 00:32:14 +0930 (CST) From: Kris Kennaway X-Sender: kkennawa@bragg To: Dag-Erling Smorgrav Cc: Kiril Mitev , greg@qmpgmc.ac.uk, freebsd-security@freebsd.org Subject: Re: Server trying to connect to Port 113 In-Reply-To: Message-Id: Mime-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On 24 May 1999, Dag-Erling Smorgrav wrote: > Wrong on two points: most NetBIOS traffic is benign, and when it is an > attack, it's most likely a DoS and not a break-in. I don't know of any > way to gain access to a machine through NetBIOS services; I do however Except for guessing a share password - see ports/security/nbaudit. Reason enough to block all traffic on ports 137-139 on your firewall, WinNukes notwithstanding. Kris ----- "Never criticize anybody until you have walked a mile in their shoes, because by that time you will be a mile away and have their shoes." -- Unknown To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message