Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations SkipVought on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

I have read in several post and oth 2

Status
Not open for further replies.
PhilippeSignoret

PhilippeSignoret

Programmer
May 19, 2001
21
0
0
MX
I have read in several post and other parts of the web that ports 137 and 139 are dangerous if they are listening. I did
Code: 
netstat -an
and found this:
Code: 
TCP    myip:137    0.0.0.0:0              LISTENING
TCP    myip:138    0.0.0.0:0              LISTENING
TCP    myip:139    0.0.0.0:0              LISTENING
Why are these ports dangerous? What virus, backdoor, etc uses them? Is there a way to close them without getting a firewall? Can I close the port with Winsock in VB?

Thanks,
Philippe
 
Sort by date Sort by votes
LoL, took me forever to get the formating right and I forget to put a subject! I am bad...
 
Upvote 0 Downvote
Ports 135 through 139 are dangerous because they are the ports that are used by Windows networking. All file and printer sharing and user account enumeration is performed through these ports, so you cannot do Windows networking without having them open. But you don't want to open them to the internet. That is why you see so many posts about using firewalls to protect them.

You can close them if you use multiple NICs (or dial-up access to the internet) by removing the binding of Windows networking to that interface. As a general rule, only the application that opened the port is capable of closing it.
pansophic
 
Upvote 0 Downvote
Can you translate
You can close them if you use multiple NICs (or dial-up access to the internet) by removing the binding of Windows networking to that interface.
to English please (simplyfy it) :).

Sadly enough, I use AOL on this computer.

-Philippe
 
Upvote 0 Downvote
Lets imagine you NEED windows networking locally with other computers in the building and you NEED aol access via dial up.


you can bind TCP to the dial up adaptors, (AOL has one of their own), but do NOT need to bind Microsoft clients to dial up.

the ethernet adaptor may ONLY need the Microsoft clients if it is a small network, or it may need TCP as well, if there are many users on the ethernet. I tried to remain child-like, all I acheived was childish.
 
Upvote 0 Downvote
If you go to Steve Gibson has written at length on securing your Windows against internet exploits on his "Shields Up" pages, as well as safe tests that you can run on your own system over the net.
 
Upvote 0 Downvote
Hmm. Don't put too much faith in GRC security scans alone. I've received different results from the same computer with the same configuration a few times, and on a system running a webserver I was apparently fully stealthed.

Still, it's ok 90% of the time ;)
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Zebad
  • Locked
  • Question
TFTP interference from another host (Windows Server , VxWorks Client)
Replies
0
Views
147
Zebad
Zebad
jmarkus
  • Locked
  • Question
Can I have a different private IP address which isn't on my router's subnet?
Replies
6
Views
148
sbcsu
sbcsu
Vitor Fernandes-Neto
  • Locked
  • Question
Ldap authentication in classic asp, retrieving givenname, displayname etc
Replies
0
Views
159
Vitor Fernandes-Neto
Vitor Fernandes-Neto
CryptoTuke
  • Locked
  • Question
Maximum buffer size on Winsock for sending one block of data over TCP / IP
Replies
1
Views
183
maybeimaleo
maybeimaleo
nvn
  • Locked
  • Question
SNMPV3 msgauthoritativeEngineID and ContextEngineID
Replies
0
Views
47
nvn
nvn

Part and Inventory Search

Sponsor

Back
Top