Ok ... uninstalled Zone Alarm to give Look N Stop a try. As soon as I rebooted, I tried to print to my printer, which is shared through Windows networking i guess. I went to My Network Places and I cannot access any of my shared folder or printers. I uninstalled Look N stop, reinstalled ZOnealarm and now I can print and share again. I know Look N Stop is like one of the most secure Firewalls, but man, I do I have to create a rule just to use windows networking? I am very new to this entire rule making firewalling, Been using Zone alarm for a while, but thought I needed to check out stonger firewalling. I searched the forum and couldnot find any questions or answers that I felt worked in my situation. I have no idea which port is used for My Network places ... some help please

Thanks in advance
Thomas

Hi,

You need to import the following rules:
http://looknstop.soft4ever.com/Rules/Partage%20de%20fichiers%20reseau%20local.rie (sorry the file is in French).

Frederic

Hi,

I always find the rule at the very bottom of this page (sharing.rie) works well and is already English:

http://www.looknstop.com/En/rules/rules.htm

(BTW Frederic - the table at the top of this linked page references this file as well but the download link in the table gets the french rule file instead :) )


SimonW

Thanks .... that deserves a bookmark!

Just a note: Those rules use NetBIOS ports 137-139, and not the Win2K/XP SMB protocol (TCP 445), which is all that is really required on those platforms.

Does this mean my netbios is now open to the world? Am i now hackable???

No, you're not any more "hackable" unless you open up NetBIOS to the outside world. But you might still wish to get rid of NetBIOS altogether.

You never said what platform(s) you are running. If you are running Win2K or WinXP (and no Win9x/Me computers, anywhere on the resource-sharing network), disable NetBIOS on all networked computers:

The Advantages of Direct Hosting of SMB over TCP/IP
http://support.microsoft.com/?kbid=315267

NetBIOS over TCP/IP (NetBT) concepts
http://www.microsoft.com/windows2000/en/server/help/sag_WINS_und_NetbiosConceptsNode.htm

Then you can create a rule that allows SMB traffic (TCP/UDP 445) in/out for just your local computers. (Actually, so far I've found that allowing TCP 445 alone is enough, and haven't needed to allow UDP 445 yet.) I also add ethernet addresses to my SMB rules, just for a little extra security.

Then, get rid of any NetBIOS rules (ports 137-139) you had previously.

My hardware firewall blocks any external requests to my local port 445, but even without that in place, the request would die at my LNS "Block all other packets" rule, which is at the very bottom of my rule listing. The same is true of ports 137-139, except that even without LNS, the request wouldn't do any good since NetBIOS isn't enabled. (I don't care at all about "stealth". Shhhh! Don't tell anyone!) If it gives you a warm fuzzy, you can block all NetBIOS and/or SMB explicitly.

Also well worth downloading Windows Worms Doors Cleaner v1.4.1

http://www.firewallleaktester.com/wwdc.htm

to help out with disabling NetBios (+others) !

SimonW

Sure, as long as (a) it's not buggy, and (b) you don't close down port 445, if you do plan on using SMB.

I always prefer doing that sort of thing manually, because invariably, those damned utilities always do stupid things I don't want done.

-{ Quote: "If you are running Win2K or WinXP... , disable NetBIOS on all networked computers:

The Advantages of Direct Hosting of SMB over TCP/IP
http://support.microsoft.com/?kbid=315267
" }-

nameless,
An interesting post, thanks :)
Are you sure it will work on a Win2k system? The MS link refers to Win-XP only.

Thanks,
Thomas :)

Yes. Your own Windows 2000 docs probably describe this. But here is the Windows 2000 version of that same article:

http://support.microsoft.com/?kbid=204279