Among the new ports used by Windows 2000, Windows XP and Windows Server 2003, is TCP port 445 which is used for SMB over TCP.
The SMB (Server Message Block) protocol is used among other things for file sharing in Windows NT/2000/XP. In Windows NT it ran on top of NetBT (NetBIOS over TCP/IP), which used the famous ports 137, 138 (UDP) and 139 (TCP). In Windows 2000/XP/2003, Microsoft added the possibility to run SMB directly over TCP/IP, without the extra layer of NetBT. For this they use TCP port 445.
At its simplest NetBIOS on your LAN may just be a necessary evil. NetBIOS on your WAN or over the Internet, however, is an enormous security risk. All sorts of information, such as your domain, workgroup and system names, as well as account information is obtainable via NetBIOS. It really is in your best interests to ensure that NetBIOS never leaves your network.
If you are using a router as your Internet gateway then you will want to ensure that it does not allow inbound or outbound traffic via TCP ports 135-139.
If you're using a Firewall then you should also block the same ports - TCP ports 135-139.
If you are using a multi-homed machine i.e. more than 1 network card, then you should disable NetBIOS on every network card, or Dial-Up Connection under the TCP/IP properties, that is not part of your local network.
星期四, 10月 12, 2006
星期二, 10月 10, 2006
星期一, 10月 09, 2006
星期日, 10月 08, 2006
星期三, 10月 04, 2006
訂閱:
文章 (Atom)
-
其實不大想點名道姓講出「雞伯嶺」來。 始終這裡偏僻,沒有公共交通工具經此。如果揸車而來,多幾輛車已經會動彈不得。 以前曾經來過,但發現突入狗窩禁戒區,被幾隻惡犬嚴重警告而身退,但是地形則留下深刻印象:朝西的大斜坡,整個西部通道大橋一覽無遺。 這裡開車只是大約...
-
香港地方說不大,其實郊遊地方不少。 青龍頭(沈澱池)起步,可以銜接幾個郊遊徑,可近可遠。對於揸車前來的,就會選擇「圓周」型的路線了。 今天,我們就以圓墩古村(民安隊訓練營)為目標走了一圈。 揸車去郊外是老婆開心的事情:不用給泊車費啊。將車開入綠茵茵的郊野公...
-
明天,步入第二人生 感恩! 也許,一生中沒有榮華富貴, 但是,平平安安已經足矣。
