Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations SkipVought on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Router blocking 100's of NETBIOS requests. Normal?

Status
Not open for further replies.
stduc

stduc

Programmer
Nov 26, 2002
1,903
0
0
GB
I have always had my router block internet access using port 137 (NetBios) because I can't see any reason NetBios packets should have access to the internet. Am I right?

Under XP I used to get the odd report that a packet had been blocked. But now I am getting hundreds of reports from Windows 7.

So my question is, is this normal behaviour for Windows 7? or should I worry? I don't have Netbios over TCP enabled.

here is a small sample of the log file

Code: 
2010-09-27 11:53:14	Local0.Warning	192.168.0.1	UDP Packet - Source:192.168.0.11,137 Destination:116.10.107.9,137 - [NetBios rule match]
2010-09-27 11:53:14	Local0.Warning	192.168.0.1	UDP Packet - Source:192.168.0.11,137 Destination:95.211.125.155,137 - [NetBios rule match]
2010-09-27 11:53:14	Local0.Warning	192.168.0.1	UDP Packet - Source:192.168.0.11,137 Destination:193.169.86.73,137 - [NetBios rule match]
2010-09-27 11:53:14	Local0.Warning	192.168.0.1	UDP Packet - Source:192.168.0.11,137 Destination:60.13.39.202,137 - [NetBios rule match]
2010-09-27 11:53:44	Local0.Warning	192.168.0.1	TCP Packet - Source:192.168.0.11,52771 Destination:72.35.21.74,80 - [BLOCK]
2010-09-27 11:53:44	Local0.Warning	192.168.0.1	UDP Packet - Source:192.168.0.11,137 Destination:60.13.39.202,137 - [NetBios rule match]
2010-09-27 11:54:14	Local0.Warning	192.168.0.1	TCP Packet - Source:192.168.0.11,52783 Destination:72.35.21.74,80 - [BLOCK]
2010-09-27 11:54:14	Local0.Warning	192.168.0.1	UDP Packet - Source:192.168.0.11,137 Destination:60.13.39.202,137 - [NetBios rule match]
2010-09-27 11:54:14	Local0.Warning	192.168.0.1	UDP Packet - Source:192.168.0.11,137 Destination:221.201.137.94,137 - [NetBios rule match]
2010-09-27 11:54:14	Local0.Warning	192.168.0.1	UDP Packet - Source:192.168.0.11,137 Destination:66.151.61.127,137 - [NetBios rule match]
2010-09-27 11:54:14	Local0.Warning	192.168.0.1	UDP Packet - Source:192.168.0.11,137 Destination:62.198.113.25,137 - [NetBios rule match]
2010-09-27 11:54:14	Local0.Warning	192.168.0.1	UDP Packet - Source:192.168.0.11,137 Destination:123.182.38.246,137 - [NetBios rule match]
2010-09-27 11:54:14	Local0.Warning	192.168.0.1	UDP Packet - Source:192.168.0.11,137 Destination:124.235.241.110,137 - [NetBios rule match]
2010-09-27 11:54:14	Local0.Warning	192.168.0.1	UDP Packet - Source:192.168.0.11,137 Destination:81.185.146.196,137 - [NetBios rule match]
2010-09-27 11:54:14	Local0.Warning	192.168.0.1	UDP Packet - Source:192.168.0.11,137 Destination:27.188.39.124,137 - [NetBios rule match]
2010-09-27 11:54:14	Local0.Warning	192.168.0.1	UDP Packet - Source:192.168.0.11,137 Destination:93.69.16.87,137 - [NetBios rule match]
2010-09-27 11:54:14	Local0.Warning	192.168.0.1	UDP Packet - Source:192.168.0.11,137 Destination:122.245.139.48,137 - [NetBios rule match]
2010-09-27 11:54:14	Local0.Warning	192.168.0.1	UDP Packet - Source:192.168.0.11,137 Destination:213.146.189.100,137 - [NetBios rule match]
2010-09-27 11:54:14	Local0.Warning	192.168.0.1	UDP Packet - Source:192.168.0.11,137 Destination:195.211.49.46,137 - [NetBios rule match]
2010-09-27 11:54:14	Local0.Warning	192.168.0.1	UDP Packet - Source:192.168.0.11,137 Destination:218.74.116.56,137 - [NetBios rule match]
2010-09-27 11:54:14	Local0.Warning	192.168.0.1	UDP Packet - Source:192.168.0.11,137 Destination:110.159.120.185,137 - [NetBios rule match]
2010-09-27 11:54:14	Local0.Warning	192.168.0.1	UDP Packet - Source:192.168.0.11,137 Destination:116.235.224.49,137 - [NetBios rule match]
2010-09-27 11:54:14	Local0.Warning	192.168.0.1	UDP Packet - Source:192.168.0.11,137 Destination:195.211.49.47,137 - [NetBios rule match]
2010-09-27 11:54:14	Local0.Warning	192.168.0.1	UDP Packet - Source:192.168.0.11,137 Destination:109.54.59.102,137 - [NetBios rule match]
2010-09-27 11:54:14	Local0.Warning	192.168.0.1	UDP Packet - Source:192.168.0.11,137 Destination:79.98.40.234,137 - [NetBios rule match]
2010-09-27 11:54:14	Local0.Warning	192.168.0.1	UDP Packet - Source:192.168.0.11,137 Destination:41.250.179.110,137 - [NetBios rule match]
2010-09-27 11:54:14	Local0.Warning	192.168.0.1	UDP Packet - Source:192.168.0.11,137 Destination:111.161.3.23,137 - [NetBios rule match]
2010-09-27 11:54:14	Local0.Warning	192.168.0.1	UDP Packet - Source:192.168.0.11,137 Destination:151.57.2.9,137 - [NetBios rule match]
2010-09-27 11:54:14	Local0.Warning	192.168.0.1	UDP Packet - Source:192.168.0.11,137 Destination:175.17.156.165,137 - [NetBios rule match]
2010-09-27 11:54:14	Local0.Warning	192.168.0.1	UDP Packet - Source:192.168.0.11,137 Destination:27.44.168.103,137 - [NetBios rule match]
2010-09-27 11:54:14	Local0.Warning	192.168.0.1	UDP Packet - Source:192.168.0.11,137 Destination:77.125.93.248,137 - [NetBios rule match]
2010-09-27 11:54:14	Local0.Warning	192.168.0.1	UDP Packet - Source:192.168.0.11,137 Destination:122.233.2.26,137 - [NetBios rule match]
2010-09-27 11:54:14	Local0.Warning	192.168.0.1	UDP Packet - Source:192.168.0.11,137 Destination:180.109.152.63,137 - [NetBios rule match]
2010-09-27 11:54:14	Local0.Warning	192.168.0.1	UDP Packet - Source:192.168.0.11,137 Destination:125.33.200.33,137 - [NetBios rule match]
2010-09-27 11:54:14	Local0.Warning	192.168.0.1	UDP Packet - Source:192.168.0.11,137 Destination:222.60.44.14,137 - [NetBios rule match]
2010-09-27 11:54:14	Local0.Warning	192.168.0.1	UDP Packet - Source:192.168.0.11,137 Destination:218.6.247.230,137 - [NetBios rule match]
2010-09-27 11:54:14	Local0.Warning	192.168.0.1	UDP Packet - Source:192.168.0.11,137 Destination:113.9.217.58,137 - [NetBios rule match]
2010-09-27 11:54:14	Local0.Warning	192.168.0.1	UDP Packet - Source:192.168.0.11,137 Destination:218.196.110.217,137 - [NetBios rule match]
2010-09-27 11:54:14	Local0.Warning	192.168.0.1	UDP Packet - Source:192.168.0.11,137 Destination:80.74.126.85,137 - [NetBios rule match]
2010-09-27 11:54:14	Local0.Warning	192.168.0.1	UDP Packet - Source:192.168.0.11,137 Destination:183.27.160.26,137 - [NetBios rule match]
2010-09-27 11:54:14	Local0.Warning	192.168.0.1	UDP Packet - Source:192.168.0.11,137 Destination:125.123.69.236,137 - [NetBios rule match]
2010-09-27 11:54:14	Local0.Warning	192.168.0.1	UDP Packet - Source:192.168.0.11,137 Destination:112.92.222.146,137 - [NetBios rule match]
2010-09-27 11:54:14	Local0.Warning	192.168.0.1	UDP Packet - Source:192.168.0.11,137 Destination:94.167.98.91,137 - [NetBios rule match]
2010-09-27 11:54:14	Local0.Warning	192.168.0.1	UDP Packet - Source:192.168.0.11,137 Destination:218.51.13.74,137 - [NetBios rule match]
2010-09-27 11:54:14	Local0.Warning	192.168.0.1	UDP Packet - Source:192.168.0.11,137 Destination:123.166.46.216,137 - [NetBios rule match]
2010-09-27 11:54:14	Local0.Warning	192.168.0.1	UDP Packet - Source:192.168.0.11,137 Destination:219.128.1.109,137 - [NetBios rule match]
2010-09-27 11:54:14	Local0.Warning	192.168.0.1	UDP Packet - Source:192.168.0.11,137 Destination:220.178.39.186,137 - [NetBios rule match]
2010-09-27 11:54:14	Local0.Warning	192.168.0.1	UDP Packet - Source:192.168.0.11,137 Destination:116.227.46.124,137 - [NetBios rule match]
2010-09-27 11:54:14	Local0.Warning	192.168.0.1	UDP Packet - Source:192.168.0.11,137 Destination:222.87.107.88,137 - [NetBios rule match]
2010-09-27 11:54:14	Local0.Warning	192.168.0.1	UDP Packet - Source:192.168.0.11,137 Destination:151.16.106.145,137 - [NetBios rule match]
2010-09-27 11:54:14	Local0.Warning	192.168.0.1	UDP Packet - Source:192.168.0.11,137 Destination:122.244.131.204,137 - [NetBios rule match]
2010-09-27 11:54:14	Local0.Warning	192.168.0.1	UDP Packet - Source:192.168.0.11,137 Destination:60.211.247.166,137 - [NetBios rule match]
2010-09-27 11:54:14	Local0.Warning	192.168.0.1	UDP Packet - Source:192.168.0.11,137 Destination:79.90.62.218,137 - [NetBios rule match]
2010-09-27 11:54:19	Local0.Warning	192.168.0.1	UDP Packet - Source:192.168.0.11,137 Destination:124.228.85.5,137 - [NetBios rule match]
2010-09-27 11:54:24	Local0.Warning	192.168.0.1	UDP Packet - Source:192.168.0.11,137 Destination:114.239.189.85,137 - [NetBios rule match]
2010-09-27 11:54:29	Local0.Warning	192.168.0.1	UDP Packet - Source:192.168.0.11,137 Destination:218.6.247.230,137 - [NetBios rule match]
2010-09-27 11:54:35	Local0.Warning	192.168.0.1	UDP Packet - Source:192.168.0.11,137 Destination:222.69.242.154,137 - [NetBios rule match]
2010-09-27 11:54:40	Local0.Warning	192.168.0.1	UDP Packet - Source:192.168.0.11,137 Destination:122.193.111.68,137 - [NetBios rule match]
2010-09-27 11:54:46	Local0.Warning	192.168.0.1	UDP Packet - Source:192.168.0.11,137 Destination:114.221.141.228,137 - [NetBios rule match]
2010-09-27 11:54:50	Local0.Warning	192.168.0.1	UDP Packet - Source:192.168.0.11,137 Destination:78.83.168.30,137 - [NetBios rule match]
2010-09-27 11:54:55	Local0.Warning	192.168.0.1	UDP Packet - Source:192.168.0.11,137 Destination:60.191.71.50,137 - [NetBios rule match]
2010-09-27 11:55:02	Local0.Warning	192.168.0.1	UDP Packet - Source:192.168.0.11,137 Destination:124.229.216.199,137 - [NetBios rule match]
2010-09-27 11:55:07	Local0.Warning	192.168.0.1	UDP Packet - Source:192.168.0.11,137 Destination:115.196.154.58,137 - [NetBios rule match]
2010-09-27 11:55:13	Local0.Warning	192.168.0.1	UDP Packet - Source:192.168.0.11,137 Destination:61.135.195.41,137 - [NetBios rule match]
2010-09-27 11:55:19	Local0.Warning	192.168.0.1	UDP Packet - Source:192.168.0.11,137 Destination:125.110.230.47,137 - [NetBios rule match]
2010-09-27 11:55:24	Local0.Warning	192.168.0.1	UDP Packet - Source:192.168.0.11,137 Destination:111.173.99.38,137 - [NetBios rule match]
2010-09-27 11:55:29	Local0.Warning	192.168.0.1	UDP Packet - Source:192.168.0.11,137 Destination:119.117.111.223,137 - [NetBios rule match]
2010-09-27 11:55:33	Local0.Warning	192.168.0.1	UDP Packet - Source:192.168.0.11,137 Destination:116.114.15.27,137 - [NetBios rule match]
2010-09-27 11:55:38	Local0.Warning	192.168.0.1	UDP Packet - Source:192.168.0.11,137 Destination:188.18.63.143,137 - [NetBios rule match]
2010-09-27 11:55:44	Local0.Warning	192.168.0.1	UDP Packet - Source:192.168.0.11,137 Destination:59.46.199.2,137 - [NetBios rule match]
2010-09-27 11:55:52	Local0.Warning	192.168.0.1	UDP Packet - Source:192.168.0.11,137 Destination:218.50.67.245,137 - [NetBios rule match]
2010-09-27 11:55:57	Local0.Warning	192.168.0.1	UDP Packet - Source:192.168.0.11,137 Destination:207.99.65.250,137 - [NetBios rule match]
2010-09-27 11:56:03	Local0.Warning	192.168.0.1	UDP Packet - Source:192.168.0.11,137 Destination:183.70.153.248,137 - [NetBios rule match]
2010-09-27 11:56:07	Local0.Warning	192.168.0.1	UDP Packet - Source:192.168.0.11,137 Destination:114.105.34.136,137 - [NetBios rule match]
2010-09-27 11:56:13	Local0.Warning	192.168.0.1	UDP Packet - Source:192.168.0.11,137 Destination:124.160.47.2,137 - [NetBios rule match]
2010-09-27 11:57:07	Local0.Warning	192.168.0.1	UDP Packet - Source:192.168.0.11,137 Destination:124.160.47.2,137 - [NetBios rule match]
2010-09-27 11:57:07	Local0.Warning	192.168.0.1	UDP Packet - Source:192.168.0.11,137 Destination:61.161.168.45,137 - [NetBios rule match]
2010-09-27 11:57:07	Local0.Warning	192.168.0.1	UDP Packet - Source:192.168.0.11,137 Destination:61.150.92.146,137 - [NetBios rule match]
2010-09-27 11:57:07	Local0.Warning	192.168.0.1	UDP Packet - Source:192.168.0.11,137 Destination:60.214.220.90,137 - [NetBios rule match]
2010-09-27 11:57:08	Local0.Warning	192.168.0.1	UDP Packet - Source:192.168.0.11,137 Destination:124.239.211.208,137 - [NetBios rule match]
2010-09-27 11:57:08	Local0.Warning	192.168.0.1	UDP Packet - Source:192.168.0.11,137 Destination:220.179.183.22,137 - [NetBios rule match]
2010-09-27 11:58:08	Local0.Warning	192.168.0.1	UDP Packet - Source:192.168.0.11,137 Destination:123.158.202.246,137 - [NetBios rule match]
2010-09-27 11:58:08	Local0.Warning	192.168.0.1	UDP Packet - Source:192.168.0.11,137 Destination:123.165.96.14,137 - [NetBios rule match]

[navy]When I married "Miss Right" I didn't realise her first name was 'always'. LOL[/navy]
 
Sort by date Sort by votes
Doesn't look good to me. Have you looked any of those IP addresses up? I checked one: China.
 
Upvote 0 Downvote
What Dilettante means is, RUN Malware checks on that machine ASAP!!!

MBAM

SuperAntiSpyware

post a HiJackThis Log if you want, either another member or I will discern it for you if you do not know what you are looking for...

HiJackThis






Ben
"If it works don't fix it! If it doesn't use a sledgehammer..."
How to ask a question, when posting them to a professional forum.
Only ask questions with yes/no answers if you want "yes" or "no"
 
Upvote 0 Downvote
Yes, it would have been better on several levels to say it that way. I'd suspect an infection.
 
Upvote 0 Downvote
Update,

The packets start & stop at the same time I start and stop Resource Monitor. So the plot thickens.

HijackThis came up clean - all green ticks in the analyser. The system has been scanned by Avast and Windows Defender. So I don't think its a bug. I think it's some weird feature of the Resource Monitor. I've seen similar behaviour when running sysinternals TCPView.

As to why Resource Monitor is trying to contact China I haven't the slightest idea. But I am not so worried anymore.

[navy]When I married "Miss Right" I didn't realise her first name was 'always'. LOL[/navy]
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Sebastian42
  • Locked
  • Question
Blocking unwanted alerts 1
Replies
4
Views
80
Rick998
Rick998
johncp
  • Locked
  • Question
W10 Defender blocking installation of uTorrent
Replies
9
Views
197
mikrom
mikrom
pjw001
  • Question
Latest Windows Update - End of Service
Replies
2
Views
196
pjw001
pjw001
goombawaho
  • Locked
  • Question
Risk of running unsupported server version 1
Replies
7
Views
124
goombawaho
goombawaho
Flinx
  • Locked
  • Question
the SAGA of trying to get a computer to sleep and wake up on a schedule
Replies
1
Views
248
Flinx
Flinx

Part and Inventory Search

Sponsor

Back
Top