site Search:


Home Reviews Tools Forums FAQs Find Service ISP News Maps About  
 
    All Forums Hot Topics Gallery






how-to block ads

  
Forums >

Equipment Support > Hardware By Brand > Belkin > Security log reports attacks on port 137 (netbios)

Search Topic:
 Uniqs:
1100		 Share Topic
Posting?
Post a:
Post a:
Links: ·Belkin FAQ ·Submit a FAQ ·Speed Tests ·Member Reviews ·Submit A Review ·PC Infected? ·HW by Brand
AuthorAll Replies

hockeynut2

join:2006-03-27
Round Rock, TX

Security log reports attacks on port 137 (netbios)

Belkin F5D8235-4 V2 with 2.01.09 firmware.

Wired to an iMac - wireless to most everything else including a windows laptop.

The security log reports loads of attacks that appear to be benign - source and dest ports are 137 (netbios) and IP addresses are within my own network (192.168,2,7 for example, is the windows laptop).

Example:

=>Found attack from 192.168.2.7.
Source port is 137 and destination port is 137 which use the UDP protocol.

Any idea why it is flagging these as attacks?
to forum · permalink · 2011-10-10 16:15:33 ·

supergeeky

join:2003-05-09
United State
kudos:3

Port 137 is legitimately used by Windows machines for File and Printer sharing, which is turned on as default, even if you aren't using it.

If the traffic is all within your network (LAN interface, private IPs) then this is not really a problem, but rather a false-positive or incorrect wording on behalf of the router.

If the Port 137 traffic were persistent from the outside/WAN interface, then I'd be considering it suspect. It could be that Belkin simply didn't design this device to differentiate "attack" from traffic hitting the LAN or WAN ports.

to forum · permalink · 2011-10-18 14:23:09 ·
Forums > Equipment Support > Hardware By Brand > Belkin

Friday, 01-Jun 22:28:43 Terms of Use & Privacy | feedback | contact | Hosting by nac.net - DSL,Hosting & Co-lo
over 12.5 years online © 1999-2012 dslreports.com.
Most commented news this week
Hot Topics