Security Basics mailing list archives

RE: Basic firewall filtering question

From: "Gallina, Michael" <gallina () ocjs ohio gov>
Date: Mon, 26 Jul 2004 14:27:29 -0400

If it's a local (Personal) firewall, then you would want to eliminate
brodcasts on those ports.

For example, you could create a deny rule for 192.168.0.255 on ports 137
and 139 (assuming a 192.168.0.x network).

This way, the machine isn't notifying anyone on the network about its
presence.

-Michael


-----Original Message-----
From: Ferino Mardo [mailto:RMardo () ALJOMAIHBEV com] 
Sent: Saturday, July 24, 2004 8:47 AM
To: security-basics () securityfocus com
Subject: Basic firewall filtering question

If a personal firewall is installed in a PC connected to a Win2K LAN,
netbios is allowed by allowing ports 137 to 139 in both directions. How
does one define a rule such that:

1. active directory authentication/browsing works

While at the same time making the PC invisible to the rest of the LAN
users?

TIA.

------------------------------------------------------------------------
---
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545
off any course! All of our class sizes are guaranteed to be 10 students
or less to facilitate one-on-one interaction with one of our expert
instructors. 
Attend a course taught by an expert instructor with years of
in-the-field pen testing experience in our state of the art hacking lab.
Master the skills of an Ethical Hacker to better assess the security of
your organization. 
Visit us at: 
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
------------------------------------------------------------------------
----




---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off
any course! All of our class sizes are guaranteed to be 10 students or less
to facilitate one-on-one interaction with one of our expert instructors.
Attend a course taught by an expert instructor with years of in-the-field
pen testing experience in our state of the art hacking lab. Master the skills
of an Ethical Hacker to better assess the security of your organization.
Visit us at:
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------

Current thread:

Basic firewall filtering question Ferino Mardo (Jul 26)
- Re: Basic firewall filtering question Gethin Jones (Jul 26)
- Re: Basic firewall filtering question mike (Jul 26)
- <Possible follow-ups>
- RE: Basic firewall filtering question Gallina, Michael (Jul 27)
- RE: Basic firewall filtering question Ferino Mardo (Jul 28)
- RE: Basic firewall filtering question Ferino Mardo (Jul 29)