Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

Re: [PEN-TEST] Closing Port 139

From: Tim Crothers <TimC () EVINCI COM>
Date: Thu, 12 Oct 2000 15:54:02 -0400
Nope, can't do that in this case.  Yes, removing the server service stops MS
NT from listening on port 139 but if you remove the server service here you
will break MS Proxy server.

TC

-----Original Message-----
From: Penetration Testers [mailto:PEN-TEST () SECURITYFOCUS COM]On Behalf
Of SMILER
Sent: Thursday, October 12, 2000 1:08 PM
To: PEN-TEST () SECURITYFOCUS COM
Subject: Re: [PEN-TEST] Closing Port 139


Closing port 139 is very easy :)
Remove the SERVER SERVICE from your machine and it´s done !
Another way would be to place a firewall in between the NT machine and the
Internet and filter that port

smiler () vxd org


----- Original Message -----
From: "Kasey Speakman" <kspeakman () DSENGINEERING COM>
To: <PEN-TEST () SECURITYFOCUS COM>
Sent: Thursday, October 12, 2000 2:54 PM
Subject: Closing Port 139



How do I close this port?  The situation is that we are using an NT Server
machine with MS Proxy Server.  There are no shares on this computer.  The
computer has 2 nics.  One goes to the LAN, and the other goes to our

router.

I have the internet nic unbound from the WINS on both the server and the
workstation services, but the other card is bound to the WINS on both
services.  Auditing tools still show that the port is open, even though it
won't give anyone any connections, but I don't want any attention being
drawn to it by that port being open at all.  Help will be appreciated!

Thanks,

Kasey
Previous By Date Next
Previous By Thread Next

Current thread: