On 09/18/2013 01:15 PM, David H. Lipman wrote:
From: "Todd" <
[email protected]>
On 09/17/2013 04:24 PM, David H. Lipman wrote:
From: "Todd" <
[email protected]>
On 09/17/2013 06:29 AM, David H. Lipman wrote:
From: "Todd" <
[email protected]>
Hi All,
Hi All,
How do I close TCP Port 139?
Many thanks,
-T
# nmap --script smb-brute.nse --reason -p 137,138,139,445
192.168.255.100
Starting Nmap 6.25 (
http://nmap.org ) at 2013-09-16 19:13 PDT
Nmap scan report for KVM-WinXP.xxxx.local (192.168.255.100)
Host is up, received arp-response (0.0011s latency).
PORT STATE SERVICE REASON
137/tcp closed netbios-ns reset
138/tcp closed netbios-dgm reset
139/tcp open netbios-ssn syn-ack
445/tcp closed microsoft-ds reset
MAC Address: 52:54:00:F5:14:7E (QEMU Virtual NIC)
Nmap done: 1 IP address (1 host up) scanned in 0.26 seconds
Disable NetBIOS over TCP/IP.
Hi David,
Thank you! It even turned off port 135.
Here is a different XP virtual machine than
the first with a before and after.
-T
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File sharing and NetBIOS over TCP/IP both on:
# nmap --reason 192.168.255.117
Starting Nmap 6.25 (
http://nmap.org ) at 2013-09-17 10:32 PDT
Nmap scan report for kvm-winxp2.rent-a-nerd.local (192.168.255.117)
Host is up, received arp-response (0.0033s latency).
Not shown: 701 filtered ports, 296 closed ports
Reason: 701 no-responses and 296 resets
PORT STATE SERVICE REASON
135/tcp open msrpc syn-ack
139/tcp open netbios-ssn syn-ack
445/tcp open microsoft-ds syn-ack
Nmap done: 1 IP address (1 host up) scanned in 119.89 seconds
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File sharing and NetBIOS over TCP/IP both off:
[root@rn4 tony]# nmap --reason 192.168.255.117
Starting Nmap 6.25 (
http://nmap.org ) at 2013-09-17 10:37 PDT
Nmap scan report for kvm-winxp2.rent-a-nerd.local (192.168.255.117)
Host is up, received arp-response (0.00039s latency).
All 1000 scanned ports on kvm-winxp2.rent-a-nerd.local
(192.168.255.117) are filtered because of 1000 no-responses
Nmap done: 1 IP address (1 host up) scanned in 21.16 seconds
On my Router I explicitly block TCP & UDP ports 135 ~ 139 and 445
such
that there can be NetBIOS traffic passed between LAN and WAN. I want
NetBIOS over IP traffic on the LAN side.
Hi David,
Me too. On mine.
What I am up to is trying to close up a Point of Sale workstation
that stores encrypted credit cards locally. I want it in
"stealth" mode. In other words, completely quiet. The workstation
is even going to be by himself on his own leg of a fancy firewall.
Kaspersky's firewall lets all kinds of crap through. I will be
calling
their tech support today or tomorrow. (In W7, K's firewall lets
remote procedure calls through, lots of them, not just port
135 -- yikes!)
Why not then remove or disable the NIC altogether ?
Had crossed my mind.
The POS computer has to go out on the internet to process
credit cards and receive on line payments from a cloud service
A plane old mechanical cash register passed my mind too.