Re: Windows File Sharing: Facing The Mystery

Author	All Replies
TheWiseGuy Dog And Butterfly Premium,MVM join:2002-07-04 Yonkers, NY	reply to Daniel Re: Windows File Sharing: Facing The Mystery said by Daniel : Steve Gibson's site, while quite informative, sensationalize the risk to systems in a big way. All one needed to do to keep from sharing files over the Internet is unbind File and Print sharing from the TCP/IP protocol within network properties for the adapter that faces the outside. This could be done while leaving the binding intact for the internal adapter(s) so that you could benefit from file sharing on the internal, trusted network while having it disabled for the untrusted one(s). Can this be done on a Win9x or before box? Is Steve Gibson incorrect on this? said by Steve Gibson: After a reboot, the information-leaking port 139 will finally be closed . . . but ONLY IF every service is unbound from every instance of the TCP/IP protocol. If ANY one of the services remains bound to ANY instance of the TCP/IP protocol (i.e. TCP/IP for ANY adapter), then unsafe NetBIOS services will be available for ALL hardware adapters! »grc.com/su-rebinding9x.htm I could be wrong but I believe he is correct, that on a Win9x or before box, it is impossible to only bind NetBios to the Internal Adapter, that on a Win9x box it is all or nothing. -- Dog and Butterfly
	to forum · permalink · · 2005-04-07 08:43:24 ·
Daniel Premium,MVM join:2000-06-26 Pleasanton, CA clubs:	said by TheWiseGuy : I could be wrong but I believe he is correct, that on a Win9x or before box, it is impossible to only bind NetBios to the Internal Adapter, that on a Win9x box it is all or nothing. And I could be wrong as well, but I don't think I am. Remember the issue is that a very specific scenario has to exist in order to share files over the Internet. You need TCP/IP bound to File and Print Sharing for the Internet-facing adapter. If you only have TCP/IP installed, but it's not bound to TCP/IP on that adapter, it fails. It is my understanding that you can break bindings on the external adapter while keeping them intact on the internal one. This warrants more testing, however, as I haven't done this in quite some time. Thanks for the comment; I'll definitely confirm this. -- dmiessler.com - grep understanding knowledge
	to forum · permalink · · 2005-04-07 12:25:32 ·
TheWiseGuy Dog And Butterfly Premium,MVM join:2002-07-04 Yonkers, NY 1 edit	said by Daniel : It is my understanding that you can break bindings on the external adapter while keeping them intact on the internal one. This warrants more testing, however, as I haven't done this in quite some time. Thanks for the comment; I'll definitely confirm this. I'll be very interested in the results. I have never tested this myself, I know that port 139 does listen on all interfaces but I don't think that proves that Sharing is bound to the external adapter. I read Steve's info years ago and always figured it was correct, but testing it certainly is the correct way to go. -- Dog and Butterfly
	to forum · permalink · · 2005-04-07 14:31:09 ·


Monday, 09-Nov 05:52:49	Terms of Use \| Privacy Policy \| Hosting by www.nac.net - DSL,Hosting & Co-lo \| feedback \| contact over 10 years online! © 1999-2009 dslreports.com.republican-creole page compression OFF