November 18th, 2001, 12:45 PM
I Was wondering, a almost allways see port 135 & 139 Open, on every system, cant you use thoes ports to somthing, is ther a Trojan using thoes ports, or is ther a way to Connect to them.
\"I hold you so that you will be whole.\"
\"I\'m not whole. Does that mean that you
won\'t hold me anymore?\"
November 18th, 2001, 09:24 PM
Ports 137-139 are used by the NetBIOS protocol over TCP/IP. Basically it's an IBM-originated way for computers to share files, and is commonly known as 'windows shares'. In response to your question about attacking them, it really depends on a case-by-case basis whether the user has put a password on their shares, and how strong it is, etc.
[HvC]Terr: L33T Technical Proficiency
November 19th, 2001, 03:31 AM
You can learn alot from this paper put out by the Rhino9 team on NETBIOS. http://secinf.net/info/nt/wardoc.txt
February 4th, 2003, 08:45 AM
if you are not on a network, say your computer is on a stand alone and you have no plans in sharing your folders.. disable files and folder sharing. coz those services are enabled by default. a cracker can do a netbios attack on your computer and gain access to your files if your file sharing is not protected or enabled for no good reason.
February 27th, 2003, 02:52 AM
Agent thanks for the link mate!
February 27th, 2003, 03:01 AM
Agent posted 11-18-2001 10:31 PM ...
you're a bit late. Try not to do it again
...This Space For Rent.