U
Uncle Kenny
Hi,
Due to my total stupidity it has taken me a while to figure out what was
happening here, but I eventually click. I thought it was something to
do with the firewall being misconfigured, but it isn't really.
From netstat:
Proto Local Address Foreign Address State
TCP 0.0.0.0:23 0.0.0.0:0 LISTENING
TCP 0.0.0.0:135 0.0.0.0:0 LISTENING
TCP 0.0.0.0:445 0.0.0.0:0 LISTENING
TCP 0.0.0.0:1026 0.0.0.0:0 LISTENING
TCP 0.0.0.0:1723 0.0.0.0:0 LISTENING
TCP 0.0.0.0:1801 0.0.0.0:0 LISTENING
TCP 0.0.0.0:2103 0.0.0.0:0 LISTENING
TCP 0.0.0.0:2105 0.0.0.0:0 LISTENING
TCP 0.0.0.0:2107 0.0.0.0:0 LISTENING
TCP 0.0.0.0:2869 0.0.0.0:0 LISTENING
TCP 0.0.0.0:3389 0.0.0.0:0 LISTENING
TCP 127.0.0.1:1031 0.0.0.0:0 LISTENING
TCP 127.0.0.1:1074 0.0.0.0:0 LISTENING
TCP 192.168.0.12:23 192.168.0.1:48013 ESTABLISHED
TCP 192.168.0.12:139 0.0.0.0:0 LISTENING
TCP 192.168.0.12:3389 192.168.0.1:47402 ESTABLISHED
TCP 192.168.0.12:3525 192.168.0.6:445 ESTABLISHED
TCP [::]:23 [::]:0 LISTENING 0
TCP [::]:135 [::]:0 LISTENING 0
TCP [::]:1026 [::]:0 LISTENING 0
TCP [::]:2103 [::]:0 LISTENING 0
TCP [::]:2105 [::]:0 LISTENING 0
TCP [::]:2107 [::]:0 LISTENING 0
TCP [::]:2869 [::]:0 LISTENING 0
UDP 0.0.0.0:161 *:*
UDP 0.0.0.0:445 *:*
UDP 0.0.0.0:500 *:*
UDP 0.0.0.0:1025 *:*
UDP 0.0.0.0:1032 *:*
UDP 0.0.0.0:1038 *:*
UDP 0.0.0.0:1144 *:*
UDP 0.0.0.0:1601 *:*
UDP 0.0.0.0:1701 *:*
UDP 0.0.0.0:3320 *:*
UDP 0.0.0.0:3527 *:*
UDP 0.0.0.0:4500 *:*
UDP 127.0.0.1:123 *:*
UDP 127.0.0.1:1033 *:*
UDP 127.0.0.1:1036 *:*
UDP 127.0.0.1:1037 *:*
UDP 127.0.0.1:1900 *:*
UDP 127.0.0.1:3514 *:*
UDP 192.168.0.12:123 *:*
UDP 192.168.0.12:137 *:*
UDP 192.168.0.12:138 *:*
UDP 192.168.0.12:520 *:*
UDP 192.168.0.12:1900 *:*
And the Windows Firewall has an exception for "File and Printer
Sharing". By default this is set up to listen on the local subnet only.
As you can see, the NetBIOS ports (137-139) are only listening on the
local subnet, which is fine, but the SMB port, 445, is listening on the
0.0.0.0 subnet, which is not desirable.
I, eventually, after buggering about for far too long, just changed the
scope for port 445 in the firewall to "All networks" (or whatever it is)
which now lets me in via SMB. For obvious security reasons I would
prefer to change the listening app to listen on the local subnet ONLY.
I'm currently using a wireless adapter, so I'm not overly happy with all
and sundry being able to access 445.
Of course, the WiFi connection is encrypted with WPA2/AES and is behind
a router firewall, but still... sometimes it isn't as I move around.
Googled, but no help.
TIA,
Ken.
Due to my total stupidity it has taken me a while to figure out what was
happening here, but I eventually click. I thought it was something to
do with the firewall being misconfigured, but it isn't really.
From netstat:
Proto Local Address Foreign Address State
TCP 0.0.0.0:23 0.0.0.0:0 LISTENING
TCP 0.0.0.0:135 0.0.0.0:0 LISTENING
TCP 0.0.0.0:445 0.0.0.0:0 LISTENING
TCP 0.0.0.0:1026 0.0.0.0:0 LISTENING
TCP 0.0.0.0:1723 0.0.0.0:0 LISTENING
TCP 0.0.0.0:1801 0.0.0.0:0 LISTENING
TCP 0.0.0.0:2103 0.0.0.0:0 LISTENING
TCP 0.0.0.0:2105 0.0.0.0:0 LISTENING
TCP 0.0.0.0:2107 0.0.0.0:0 LISTENING
TCP 0.0.0.0:2869 0.0.0.0:0 LISTENING
TCP 0.0.0.0:3389 0.0.0.0:0 LISTENING
TCP 127.0.0.1:1031 0.0.0.0:0 LISTENING
TCP 127.0.0.1:1074 0.0.0.0:0 LISTENING
TCP 192.168.0.12:23 192.168.0.1:48013 ESTABLISHED
TCP 192.168.0.12:139 0.0.0.0:0 LISTENING
TCP 192.168.0.12:3389 192.168.0.1:47402 ESTABLISHED
TCP 192.168.0.12:3525 192.168.0.6:445 ESTABLISHED
TCP [::]:23 [::]:0 LISTENING 0
TCP [::]:135 [::]:0 LISTENING 0
TCP [::]:1026 [::]:0 LISTENING 0
TCP [::]:2103 [::]:0 LISTENING 0
TCP [::]:2105 [::]:0 LISTENING 0
TCP [::]:2107 [::]:0 LISTENING 0
TCP [::]:2869 [::]:0 LISTENING 0
UDP 0.0.0.0:161 *:*
UDP 0.0.0.0:445 *:*
UDP 0.0.0.0:500 *:*
UDP 0.0.0.0:1025 *:*
UDP 0.0.0.0:1032 *:*
UDP 0.0.0.0:1038 *:*
UDP 0.0.0.0:1144 *:*
UDP 0.0.0.0:1601 *:*
UDP 0.0.0.0:1701 *:*
UDP 0.0.0.0:3320 *:*
UDP 0.0.0.0:3527 *:*
UDP 0.0.0.0:4500 *:*
UDP 127.0.0.1:123 *:*
UDP 127.0.0.1:1033 *:*
UDP 127.0.0.1:1036 *:*
UDP 127.0.0.1:1037 *:*
UDP 127.0.0.1:1900 *:*
UDP 127.0.0.1:3514 *:*
UDP 192.168.0.12:123 *:*
UDP 192.168.0.12:137 *:*
UDP 192.168.0.12:138 *:*
UDP 192.168.0.12:520 *:*
UDP 192.168.0.12:1900 *:*
And the Windows Firewall has an exception for "File and Printer
Sharing". By default this is set up to listen on the local subnet only.
As you can see, the NetBIOS ports (137-139) are only listening on the
local subnet, which is fine, but the SMB port, 445, is listening on the
0.0.0.0 subnet, which is not desirable.
I, eventually, after buggering about for far too long, just changed the
scope for port 445 in the firewall to "All networks" (or whatever it is)
which now lets me in via SMB. For obvious security reasons I would
prefer to change the listening app to listen on the local subnet ONLY.
I'm currently using a wireless adapter, so I'm not overly happy with all
and sundry being able to access 445.
Of course, the WiFi connection is encrypted with WPA2/AES and is behind
a router firewall, but still... sometimes it isn't as I move around.
Googled, but no help.
TIA,
Ken.