hey guys.... i was just fooling around with my institution's domain server. ran a port scan on it... it's running win 2000 and i found a strange thing. port 139 is open. are there any known exploits for udp or netbios??
I'm running on an XP system, and the last time I downloaded something to close Netbios from grc.com I was unable to load IE. Has this happened to anyone else.
Gosh, those stupid admins must have ENABLED netbios.. maybe network REALLY needs it for something like logging Windows clients to domain, or maybe for authenticating users. Not sure thought
You should not see NetBIOS on the public side, NetBIOS uses Broadcast so it basically broadcasts your machine's name to the internet. NetBIOS won't pass an NAT device, such as a router. If you don't have a router you can disable NetBIOS over TCP/IP on the WINS tab of TCP/IP properties on Windows machines. Needless to say, you should also disable Client for MS Networks and File Sharing on the external interface.