Access to My Network Places (Rule?)

Discussion in 'LnS English Forum' started by tharris297, Nov 24, 2004.

Thread Status:
Not open for further replies.
  1. tharris297

    tharris297 Registered Member

    Joined:
    Nov 23, 2004
    Posts:
    3
    Ok ... uninstalled Zone Alarm to give Look N Stop a try. As soon as I rebooted, I tried to print to my printer, which is shared through Windows networking I guess. I went to My Network Places and I cannot access any of my shared folders or printers. I uninstalled Look N Stop, reinstalled Zone Alarm and now I can print and share again. I know Look N Stop is like one of the most secure firewalls, but man, do I have to create a rule just to use Windows networking? I am very new to this entire rule making firewalling. Been using Zone Alarm for a while, but thought I needed to check out stronger firewalling. I searched the forum and could not find any questions or answers that I felt worked in my situation. I have no idea which port is used for My Network Places ... some help please

    Thanks in advance
    Thomas
     
  2. Frederic

    Frederic LnS Developer

    Joined:
    Jan 9, 2003
    Posts:
    4,354
    Location:
    France
  3. SimonW

    SimonW Registered Member

    Joined:
    Feb 22, 2004
    Posts:
    115
    Location:
    Leicester, UK
    Hi,

    I always find the rule at the very bottom of this page (sharing.rie) works well and is already in English:

    http://www.looknstop.com/En/rules/rules.htm

    (BTW Frederic - the table at the top of this linked page references this file as well but the download link in the table gets the French rule file instead :) )


    SimonW
     
  4. tharris297

    tharris297 Registered Member

    Joined:
    Nov 23, 2004
    Posts:
    3
    Thanks .... that deserves a bookmark!
     
  5. nameless

    nameless Registered Member

    Joined:
    Feb 23, 2003
    Posts:
    1,184
    Just a note: Those rules use NetBIOS ports 137-139, and not the Win2K/XP SMB protocol (TCP 445), which is all that is really required on those platforms.
     
  6. tharris297

    tharris297 Registered Member

    Joined:
    Nov 23, 2004
    Posts:
    3
    Does this mean my NetBIOS is now open to the world? Am I now hackable? o_O
     
  7. nameless

    nameless Registered Member

    Joined:
    Feb 23, 2003
    Posts:
    1,184
    No, you're not any more "hackable" unless you open up NetBIOS to the outside world. But you might still wish to get rid of NetBIOS altogether.

    You never said what platform(s) you are running. If you are running Win2K or WinXP (and no Win9x/Me computers, anywhere on the resource-sharing network), disable NetBIOS on all networked computers:

    The Advantages of Direct Hosting of SMB over TCP/IP
    http://support.microsoft.com/?kbid=315267

    NetBIOS over TCP/IP (NetBT) concepts
    http://www.microsoft.com/windows2000/en/server/help/sag_WINS_und_NetbiosConceptsNode.htm

    Then you can create a rule that allows SMB traffic (TCP/UDP 445) in/out for just your local computers. (Actually, so far I've found that allowing TCP 445 alone is enough, and haven't needed to allow UDP 445 yet.) I also add ethernet addresses to my SMB rules, just for a little extra security.

    Then, get rid of any NetBIOS rules (ports 137-139) you had previously.

    My hardware firewall blocks any external requests to my local port 445, but even without that in place, the request would die at my LNS "Block all other packets" rule, which is at the very bottom of my rule listing. The same is true of ports 137-139, except that even without LNS, the request wouldn't do any good since NetBIOS isn't enabled. (I don't care at all about "stealth". Shhhh! Don't tell anyone!) If it gives you a warm fuzzy, you can block all NetBIOS and/or SMB explicitly.
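
    The rule set described in the post above, modeled as an added example (not part of the post and not Look 'n' Stop's own rule format). It assumes rules are checked top-down with the first match deciding; the LAN range, MAC addresses and packets are constructed sample values, and only inbound packets are modeled.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Packet:               # inbound packet as seen by the local machine
    proto: str              # "tcp" or "udp"
    src_ip: str
    src_mac: str
    dst_port: int

@dataclass(frozen=True)
class Rule:
    name: str
    action: str                       # "allow" or "block"
    proto: Optional[str] = None       # None matches any protocol
    ports: frozenset = frozenset()    # empty matches any port
    subnet: Optional[str] = None      # None matches any source IP
    macs: frozenset = frozenset()     # empty matches any source MAC

    def matches(self, p: Packet) -> bool:
        if self.proto and p.proto != self.proto:
            return False
        if self.ports and p.dst_port not in self.ports:
            return False
        if self.subnet and ipaddress.ip_address(p.src_ip) not in ipaddress.ip_network(self.subnet):
            return False
        return not self.macs or p.src_mac.lower() in self.macs

def evaluate(rules, packet):
    """Return (action, rule name) of the first matching rule (assumed top-down order)."""
    for rule in rules:
        if rule.matches(packet):
            return rule.action, rule.name
    return "block", "implicit default"

# Constructed sample values: LAN range and the MACs of the two sharing PCs.
LAN = "192.168.1.0/24"
PEERS = frozenset({"00:11:22:33:44:55", "00:11:22:33:44:66"})
RULES = [
    Rule("Allow SMB from LAN peers", "allow", "tcp", frozenset({445}), LAN, PEERS),
    Rule("Block all other packets", "block"),   # catch-all, kept last
]

if __name__ == "__main__":
    for p in [Packet("tcp", "192.168.1.20", "00:11:22:33:44:55", 445),   # known peer, SMB
              Packet("tcp", "192.168.1.99", "de:ad:be:ef:00:01", 445),   # LAN IP, unknown MAC
              Packet("tcp", "203.0.113.7", "00:aa:bb:cc:dd:ee", 445),    # outside source
              Packet("udp", "192.168.1.20", "00:11:22:33:44:55", 137)]:  # NetBIOS, no rule left
        print(p, "->", evaluate(RULES, p))
```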
     
  8. SimonW

    SimonW Registered Member

    Joined:
    Feb 22, 2004
    Posts:
    115
    Location:
    Leicester, UK
  9. nameless

    nameless Registered Member

    Joined:
    Feb 23, 2003
    Posts:
    1,184
    Sure, as long as (a) it's not buggy, and (b) you don't close down port 445, if you do plan on using SMB.

    I always prefer doing that sort of thing manually, because invariably, those damned utilities always do stupid things I don't want done.
     
  10. Thomas M

    Thomas M Registered Member

    Joined:
    Jan 12, 2003
    Posts:
    355
    nameless,
    An interesting post, thanks :)
    Are you sure it will work on a Win2k system? The MS link refers to Win-XP only.

    Thanks,
    Thomas :)
     
  11. nameless

    nameless Registered Member

    Joined:
    Feb 23, 2003
    Posts:
    1,184