dslreports logo
 
    All Forums Hot Topics Gallery
spc
uniqs
21

workablob
join:2004-06-09
Houston, TX

workablob to bcool

Member

to bcool

Re: NetBIOS over TCP/IP on Windows 7 SP1

Unless your router is configured to allow ports 137, 138, or 139 NetBIOS traffic willl never leave your LAN.

Blob

bcool
Premium Member
join:2000-08-25

2 edits

bcool

Premium Member

said by workablob:

Unless your router is configured to allow ports 137, 138, or 139 NetBIOS traffic willl never leave your LAN.

Blob

So far as I can tell, the router is NOT configured to allow ports 137, 138, or 139. Is there anything useful that comes from test at »www.grc.com/x/ne.dll?bh0bkyd2 (GRC ShieldsUP!). I always pass it ("STEALTH" everything) with flying colors if that means anything at all?

EDIT: FWIW...This is result of probing NetBIOS ports on my machine:
Your Internet port 139 does not appear to exist!
One or more ports on this system are operating in FULL STEALTH MODE! Standard Internet behavior requires port connection attempts to be answered with a success or refusal response. Therefore, only an attempt to connect to a nonexistent computer results in no response of either kind. But YOUR computer has DELIBERATELY CHOSEN NOT TO RESPOND (that's very cool!) which represents advanced computer and port stealthing capabilities. A machine configured in this fashion is well hardened to Internet NetBIOS attack and intrusion.

Unable to connect with NetBIOS to your computer.

All attempts to get any information from your computer have FAILED. (This is very uncommon for a Windows networking-based PC.) Relative to vulnerabilities from Windows networking, this computer appears to be VERY SECURE since it is NOT exposing ANY of its internal NetBIOS networking protocol over the Internet.


workablob
join:2004-06-09
Houston, TX

1 recommendation

workablob

Member

That's what I expected. That the ports are not open. So, you have nothing to worry about regarding NetBIOS.

Thanks,

Blob

bcool
Premium Member
join:2000-08-25

1 edit

bcool

Premium Member

I suppose if I really wanted to get anal about the issue, I could run test with ZoneAlarm Free turned off and just router firewall up...just to see what Westell 327w is doing on its own. But you know what...for now this is enough.

Thanks all.
85160670 (banned)
"If U know neither the enemy nor yoursel
join:2013-09-17
Edmonton, AB

1 recommendation

85160670 (banned)

Member

Click for full size
Good question habbit about your own security & after NETBIOS is secure ..... hope yours machine is able "SECURE_ABLE" too [ »www.grc.com/securable.htm ]

NormanS
I gave her time to steal my mind away
MVM
join:2001-02-14
San Jose, CA
TP-Link TD-8616
Asus RT-AC66U B1
Netgear FR114P

1 recommendation

NormanS to bcool

MVM

to bcool
said by bcool:

So far as I can tell, the router is NOT configured to allow ports 137, 138, or 139. Is there anything useful that comes from test at »www.grc.com/x/ne.dll?bh0bkyd2 (GRC ShieldsUP!). I always pass it ("STEALTH" everything) with flying colors if that means anything at all?

It is useful for troubleshooting port forwarding; but take "Full Stealth" with a grain of salt. I "fail" stealth because I have configured my router to respond to "ping" on the WAN. This is necessary for participation in a site group monitor:

»/testh ··· ?view=81

Passing the GRC NetBIOS test is mostly default theses days, because most ISPs block at least port 139, if not all of the NetBIOS ports.