Penetration Testing mailing list archives
Re: [PEN-TEST] Closing Port 139
From: "Walling, Ken" <Ken.Walling () USA XEROX COM>
Date: Thu, 12 Oct 2000 16:10:40 -0400
This might be worth mentioning just in case you aren't aware of this feature. If you go into your network settings (R-click Network Neighborhood - Properties) click on the protocol tab double click TCP/IP Protocol select the adapter in question from the pull down box click on the advanced button click check box to "Enable Security" (if it isn't) click on Configure --- now you will be in the TCP/IP security window from here you have the option to "Permit Only" for TCP, UDP, and IP Protocols I suggest you use all three of these. You will have to figure out what you need - but for example - a web server would only need port 80 TCP and UDP and Protocol and... damned if I can remember the MS code to enable only TCP ummmm... well, at least we turned off port 139 :) If anyone knows the Protocol number for TCP (maybe 7 or 9? or 16? - darn) please let me know --- sleepless nights to follow now until I recall :( happy port blocking, Ken -----Original Message----- From: Kasey Speakman [mailto:kspeakman () DSENGINEERING COM] Sent: Thursday, October 12, 2000 9:54 AM To: PEN-TEST () SECURITYFOCUS COM Subject: [PEN-TEST] Closing Port 139 How do I close this port? The situation is that we are using an NT Server machine with MS Proxy Server. There are no shares on this computer. The computer has 2 nics. One goes to the LAN, and the other goes to our router. I have the internet nic unbound from the WINS on both the server and the workstation services, but the other card is bound to the WINS on both services. Auditing tools still show that the port is open, even though it won't give anyone any connections, but I don't want any attention being drawn to it by that port being open at all. Help will be appreciated! Thanks, Kasey
Current thread:
- Re: [PEN-TEST] Closing Port 139, (continued)
- Re: [PEN-TEST] Closing Port 139 Jamie C. Pole (Oct 12)
- Re: [PEN-TEST] Closing Port 139 Rebecca Kastl (Oct 12)
- Re: [PEN-TEST] Closing Port 139 Deus, Attonbitus (Oct 12)
- Re: [PEN-TEST] Closing Port 139 Costa, Andrew (Oct 12)
- [PEN-TEST] Closing Port 139 Kasey Speakman (Oct 12)
- Re: [PEN-TEST] Closing Port 139 Ansar Mohammed (Oct 12)
- Re: [PEN-TEST] Closing Port 139 Deus, Attonbitus (Oct 12)
- Re: [PEN-TEST] Closing Port 139 SMILER (Oct 12)
- Re: [PEN-TEST] Closing Port 139 Marc Maiffret (Oct 12)
- Re: [PEN-TEST] Closing Port 139 Tim Crothers (Oct 12)
- Re: [PEN-TEST] Closing Port 139 Walling, Ken (Oct 12)
- Re: [PEN-TEST] Closing Port 139 Frank Dimina (Oct 12)
- Re: [PEN-TEST] Closing Port 139 Deus, Attonbitus (Oct 12)
- Re: [PEN-TEST] Closing Port 139 Frank Dimina (Oct 13)
- Re: [PEN-TEST] Closing Port 139 Deus, Attonbitus (Oct 13)
- Re: [PEN-TEST] Closing Port 139 Erik Birkholz (Oct 14)
- Re: [PEN-TEST] Closing Port 139 David Pick (Oct 14)