Page 2 of 3 FirstFirst 123 LastLast
Results 11 to 20 of 23

Thread: Have your box scanned with a summary of what is found

  1. #11
    Junior Member
    Join Date
    Aug 2004
    Posts
    14
    excuse me i'm sorry. I use port 139 for internal file sharing. I should have been more specific. I use a linksys nat router btw. My friend and I live together, and her machine is a windows computer. I allow her to download music from me via that port. You know, window's file sharing.
    They have computers, and they may have other weapons of mass destruction. (Janet Reno)

    I think computer viruses should count as life. I think it says something about human nature that the only form of life we have created so far is purely destructive. We\'ve created life in our own image. (Stephen Hawking)

  2. #12
    Senior Member
    Join Date
    Jan 2003
    Posts
    3,915
    Hey Hey,

    I think that what TS is getting at is that it's appearing open to a port scan... That shouldn't be happening... especially if you are only using it internally... You have to stop and ask yourself why someone outside your computer can see port 139 open. Especially if you are using NAT on a linksys router. Is your computer in the DMZ? Do you have port forwarding? If so.. Why? There are many questions to ask yourself... You also didn't answer the firewall question. Do you run a firewall, or rely entirely on the NAT to protect you, this won't stop all outbound transactions and programs.

    Btw It's Windows... not doze.. :P

    Peace,
    HT

  3. #13
    Junior Member
    Join Date
    Aug 2004
    Posts
    14
    No, i rely entirely on the NAT, and yes i forward port 139 internally. I'm by no means a security expert thats why im here, so take it easy on me boys!
    They have computers, and they may have other weapons of mass destruction. (Janet Reno)

    I think computer viruses should count as life. I think it says something about human nature that the only form of life we have created so far is purely destructive. We\'ve created life in our own image. (Stephen Hawking)

  4. #14
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Posts
    5,197
    Then there is no reason that grc should be able to see that port as open through a Linksys router unless you have port 139 forwarded on the router.

    If this file sharing takes place _entirely_ within the NAT zone of the router then you have no reason to be forwarding the port at the router. Do me a favor:-

    Open Browser
    In the address bar enter http://192.168.1.1 (unless you changed the address, then use that)
    Select Advanced - Forwarding and make sure that any enties you have there on port 139 are not checked "Enable" in the last column.
    If there is one, please uncheck it and click Apply.
    While you are there please go to the Password tab and change the password

    If I'm teaching you to "suck eggs" I apologize but if GRC can see port 139 open then the whole world can too and it's very exploitable. There is no need for you to adjust the router for file sharing that takes place within it. If you are having problems internally it isn't the router's fault, it's something else.

    Btw It's Windows... not doze.. :P
    HT.... There's a possibility she's right.... But this is why I like you...
    Don\'t SYN us.... We\'ll SYN you.....
    \"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides

  5. #15
    Senior Member
    Join Date
    Jan 2003
    Posts
    3,915
    Originally posted here by WKAFC
    No, i rely entirely on the NAT, and yes i forward port 139 internally. I'm by no means a security expert thats why im here, so take it easy on me boys!
    Hey Hey,

    Not trying to attack ya... just getting the ball rolling....

    Why are you forwarding it? If you forward it on the router that's not internally... That's external to internal.. If you have two computers behind the NAT (192.168.1.100 and 192.168.1.101 or whatever).... Then they'll use port 139 on their own without any forwarding... The Port Forwarding config on the linksys web interface is to forward external ports on your public IP Address to internal ports on the various private IP Address.

    Peace,
    HT

  6. #16
    er0k
    Guest
    HT is right. I believe to bring up the interface for most linksys router's it is 192.168.1.1 in your browser. and the password is like: admin or something. But i would assume you knew that as you have been forwarding ports. port 139 is netbios.. beware my friend for it is a dangerous one. Disable port forwarding of 139, and use file/print sharing.

  7. #17
    Junior Member
    Join Date
    Aug 2004
    Posts
    14
    ok ok ill work on it. So i don't need to mess with ports to share files internally?
    They have computers, and they may have other weapons of mass destruction. (Janet Reno)

    I think computer viruses should count as life. I think it says something about human nature that the only form of life we have created so far is purely destructive. We\'ve created life in our own image. (Stephen Hawking)

  8. #18
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Posts
    5,197
    WK:

    If _both_ computers are inside the Linksys router, (ie: they are both plugged in to the back of the Linksys in ports that do not have WAN written under them), then there is no reason at all to have to forward ports.... Please block it ASAP.... We''ll deal with the possible problems it has caused later.... For now, the advice has been good so far.....
    Don\'t SYN us.... We\'ll SYN you.....
    \"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides

  9. #19
    Senior Member
    Join Date
    Nov 2001
    Posts
    1,255
    Originally posted here by ss2chef
    grc.com and Steve Gibson get slammed often as he is very vocal about silly Microsoft programming choices. He jumped up and down about XP and RAW Sockets for some time.
    Yes, when the jumping was rather unnecessary as we (myself and others) had been telling him on his news server for some time. I used to hit up grc's news servers quite a bit before Sept. 11, 2001, but after watching a bunch of the arabs membership get verbally abused quite heavily (to the point of death threats) by other membership, and watching none of the mods (or Mr. Gibson himself) do anything about it I decided it wasn't the place for me, so I left. You'll note my signup date here coincides with around the time I stopped going to GRC.

    He is also is own best cheerleader and that irks people.
    The selfscan is fast and is a good tool for a quickie if you dont have access to a box to hit yourself with.
    I think he is a pretty smart dude and a great writer when he can get out of his own way....

    I have always loved this writeup about a DDOS attack againt his site....
    http://www.grc.com/dos/grcdos.htm
    All of his stuff reads like the Inquirer, but by and large he does know how to write assembly. Big deal, writing assembly doesn't make you a genius nor a security expert.

    One of the issues I have with the scan is that it considers everything closed to be bad, which is not the case. Back when I frequented GRC, Steve held the opinion that "stealth" (no reply) was better than "closed" (reply that the port is closed). I personally made an effort to show to him that it really didn't matter as there are always ways to tell if a host is up or not. I provided evidence, he dismissed it at the time as being "too advanced for your average hacker", another irrelevant point, given that anyone enumerating a network of home PCs will treat an all-closed system in the same light as a non-existant system.
    Chris Shepherd
    The Nelson-Shepherd cutoff: The point at which you realise someone is an idiot while trying to help them.
    \"Well as far as the spelling, I speak fluently both your native languages. Do you even can try spell mine ?\" -- Failed Insult
    Is your whole family retarded, or did they just catch it from you?

  10. #20
    Junior Member
    Join Date
    Aug 2004
    Posts
    14
    Originally posted here by Tiger Shark
    WK:

    (ie: they are both plugged in to the back of the Linksys in ports that do not have WAN written under them).
    wow. i'm not that stupid. i did setup the network you know
    They have computers, and they may have other weapons of mass destruction. (Janet Reno)

    I think computer viruses should count as life. I think it says something about human nature that the only form of life we have created so far is purely destructive. We\'ve created life in our own image. (Stephen Hawking)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •