RE: Port 135

To: "'Pete Clarke'" <pete@dynotechnic.co.uk>, "'debian-firewall@lists.debian.org'" <debian-firewall@lists.debian.org>
Subject: RE: Port 135
From: "Hooton, Gerard" <G.Hooton@ucc.ie>
Date: Fri, 16 Apr 2004 14:37:05 +0100
Message-id: <[🔎] F64493091FAC4D4DAC46261FEC19679906770CB7@xch4.ucc.ie>

What I have is a small LAN, a debian box which has a Modem attached and
running pppd.

-----Original Message-----
From: Pete Clarke [mailto:pete@dynotechnic.co.uk] 
Sent: 16 April 2004 14:26
To: debian-firewall@lists.debian.org
Subject: Re: Port 135 

> I am thinking that the port 135 traffic that is getting pass the 
> firewall
is
> part of an established connection
> If this is correct, what might running that requires responses to port
135?
> Any ideas?

135 is used (as is 139) by M$ NetBios broadcast (please correct me if that's
wrong). Windows broadcasts packets on these ports to advertise itself to
local networks, and to discover other machines.

Blocking this at the machine level will effectively diable network browsing
for Windows clients. You should be able to just drop this traffic on all
interfaces at the router level.

Are you using a standalone machine? if so, disable windows file sharing and
block all traffic to ports 135 and 139 on the router/firewall/machine.

Cheers,

Pete.

-- 
To UNSUBSCRIBE, email to debian-firewall-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact
listmaster@lists.debian.org

Reply to:

Follow-Ups:
- Re: Port 135
  - From: "Pete Clarke" <pete@dynotechnic.co.uk>

Prev by Date: Re: Port 135
Next by Date: Re: Port 135
Previous by thread: Re: Port 135
Next by thread: Re: Port 135
Index(es):
- Date
- Thread