Re: File and Printer Sharing still turned on after unchecked...confused :\

[Patrick Benson <benson () chello se>]

nokio x0 wrote:
> Hi all,
>
> My windows 98 machine still has ports 137, 138, 139 open even after i turned
> "File and Printer Sharing" options off. I succesfully used this to get into
> my system, so as you can imagine it's a big security risk. How do you shut
> these ports down? I have read many FAQs and papers concerning this but
> they've all said to just uncheck the two options in the "File and Printer
> Sharing" window under Control Panel > Networking. I have asked around on IRC
> and the most advice I got was to block the ports with my
> router/firewall(smoothwall)...But how come I can't just turn them off
> myself?

Sure you can, you need just one more step, 

Control Panel -> Network -> TCP/IP -> Properties: 

NetBIOS -> Uncheck the "I want to enable NetBIOS over TCP/IP" box

Bindings -> Uncheck both "Client for Microsoft Networks" and "File and
printer sharing for Microsoft Networks" (Disregard the warning that you
haven't selected any drivers to bind with, just select "No")

then just press OK with the rest until it's time to reboot and then you
will be just fine, no more 137-139 being visible. :) It's one thing
being visible within your LAN, it's a completely different matter being
visible on the Internet. If you want protocol bindings within your LAN
space just choose IPX or NetBEUI since they won't be travelling beyond
your perimeter. Sure, you can have a hardware firewall take care of that
but maybe some day it may not be working as it should be and then you
will have your next line of defense...

http://grc.com/su-bondage.htm  ..that page has been around a few years.


Regards,
-- 
Patrick Benson
Stockholm, Sweden

---------------------------------------------------------------------------
----------------------------------------------------------------------------