Re: is it rational to close the 139 port
On Sun, Jul 22, 2012 at 3:25 AM, lina <lina.lastname@gmail.com> wrote:
>
> strangely my netstat showed my 139 and 445 ports are open.
>
> tcp 0 0 0.0.0.0:445 0.0.0.0:* LISTEN
> tcp 0 0 0.0.0.0:139 0.0.0.0:* LISTEN
>
> Do I need to specify
>
> -A INPUT -p tcp --dport 139 -j REJECT
>
> in iptables?
>
> For all INPUT has already set -P INPUT DROP, except open for 80, 443, 22,

If you're DROPping everything except 22/80/443, then the 139/445
LISTENs are useless because nothing can access them remotely; so you
must not be using them and you may as well disable/uninstall samba.

If I've misunderstood and you want to disable 139 and enable 445, you
can. You'll then be accessing samba shares via smb-over-tcp rather
than smb-over-netbios-over-tcp. You'll also have to use ip addresses
to access samba shares unless you're running a dns server (or *if* - I
have no idea whether this is feasible or logical - you run wins on 137
or 138, I've forgotten which it is).
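
The reasoning in the reply above, as an added example that is not part of the original thread: a Python sketch that reads `netstat` listener lines and `iptables -S INPUT`-style rules and reports, per listening TCP port, what a new connection from a remote host would hit. The extra listener lines, the ruleset and every function name are constructed for illustration; rules narrowed by interface, source or state are skipped, and negated matches are not handled.

```python
# Constructed sample input: the two netstat lines from the question plus two
# invented listeners, and an assumed ruleset for "-P INPUT DROP, open 22/80/443".
NETSTAT = """\
tcp 0 0 0.0.0.0:445 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:139 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN
"""
RULES = """\
-P INPUT DROP
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m multiport --dports 80,443 -j ACCEPT
"""
SIMPLE = {"-p", "-m", "--dport", "--dports", "-j", "--reject-with"}

def listeners(netstat_text):
    """Return (address, port) for every TCP socket in LISTEN state."""
    found = []
    for line in netstat_text.splitlines():
        f = line.split()
        if len(f) >= 6 and f[0].startswith("tcp") and f[5] == "LISTEN":
            addr, _, port = f[3].rpartition(":")
            found.append((addr, int(port)))
    return found

def port_in(spec, port):
    """Match a --dport/--dports value such as '22', '80,443' or '137:139'."""
    for part in spec.split(","):
        lo, _, hi = part.partition(":")
        if int(lo) <= port <= int(hi or lo):
            return True
    return False

def remote_verdict(rules_text, port):
    """First-match target for a new TCP connection from an arbitrary remote host."""
    policy = "ACCEPT"  # iptables built-in default when no -P line is given
    for line in rules_text.splitlines():
        tok = line.split()
        if tok[:2] == ["-P", "INPUT"]:
            policy = tok[2]
        if tok[:2] != ["-A", "INPUT"] or "-j" not in tok:
            continue
        opts = dict(zip(tok[2::2], tok[3::2]))  # assumes option/value pairs only
        if set(opts) - SIMPLE or opts.get("-p", "tcp") not in ("tcp", "all"):
            continue  # narrowed by interface/source/state, or not TCP: skip
        spec = opts.get("--dport") or opts.get("--dports")
        if spec is None or port_in(spec, port):
            return opts["-j"]
    return policy

def audit(netstat_text, rules_text):
    """Map each listening port to 'loopback-only' or the firewall verdict."""
    return {port: "loopback-only" if addr.startswith("127.") or addr == "::1"
            else remote_verdict(rules_text, port)
            for addr, port in listeners(netstat_text)}
```

With the sample ruleset, 139 and 445 fall through to the DROP policy; appending the `-A INPUT -p tcp --dport 139 -j REJECT` rule from the question only changes the verdict for 139 from DROP to REJECT.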