I Was wondering, a almost allways see port 135 & 139 Open, on every system, cant you use thoes ports to somthing, is ther a Trojan using thoes ports, or is ther a way to Connect to them.
Printable View
I Was wondering, a almost allways see port 135 & 139 Open, on every system, cant you use thoes ports to somthing, is ther a Trojan using thoes ports, or is ther a way to Connect to them.
Ports 137-139 are used by the NetBIOS protocol over TCP/IP. Basically it's an IBM-originated way for computers to share files, and is commonly known as 'windows shares'. In response to your question about attacking them, it really depends on a case-by-case basis whether the user has put a password on their shares, and how strong it is, etc.
You can learn alot from this paper put out by the Rhino9 team on NETBIOS. http://secinf.net/info/nt/wardoc.txt
Ag3NT
if you are not on a network, say your computer is on a stand alone and you have no plans in sharing your folders.. disable files and folder sharing. coz those services are enabled by default. a cracker can do a netbios attack on your computer and gain access to your files if your file sharing is not protected or enabled for no good reason.
Agent thanks for the link mate!
Agent posted 11-18-2001 10:31 PM ...
you're a bit late. Try not to do it again :)