Just a thought about port 135

Hi All,

I am still in the process of learning..(aren't we all?) LOL.. anyways I am rapidly learning all about my firewall and router thanks to Wilders . I posted a while back on port 113 as I had done a scan at WWW.GRC.COM.. nice work by the way... and all my ports came up stealthed but port 113 it showed just closed.

So, I asked the big question...WHY? The responces I got back from CrazyM and BltzenZues were that closed was just as good as stealthed, and there was really no reason to worry or start writing rules for the port as it was not needed. CrazyM then made the suggestion to me to look into my router config (LinkSys 4 port) under the advance>forwarding and there it was that I could
direct port 113 to a non existant ip and that would stealth it instead of showing it just closed. Worked out nicley too it now shows stealth at GRC

With all this HOOPLA on the internet latley with port 135
even though my port 135 is stealthed could I infact forward the port 135 as I did with 113 as a added layer of protection? Or is this really not necessary? Just a thought. Any comments or ideas on this thought would be greatly appreciated.

Best Wishes,
FireDancer

 

If you want to make any rule for that, many people make rules to block local, incoming, to 135-139 TCP and UDP in their software firewall rules.
Nothing gained by forwarding 135 with your router.

 

Hi FireDancer

It would not add anything in the way of security.
Ideally you should let your router deal with any unsolicited inbound connection attempts and packets. No point forwarding anything through unless you have to.

Regards,

CrazyM

 

Hi Root and CrazyM,

hope you are both having a great weekend I have rules for 137-139 allready and really dont feel the need to make any more as I do not use networking on my puter..allthough I might some day . Port 135 as of right now is stealthed and I belive that All un soliceted packets will be ignored . I belive if I read right that this worm is only affecting win 2000/XP/ect I am curently running WIN98SE and dont belive I have to worry about it.

My thinking was that by forwarding the traffic it might add a layer of protection on top of the stealth. I guess my thinking was way off I am sorry if my thoughts seemed or are in some shape of ignorance. I was thinking that if a packet was solicited to 135 you might be able to dodge a possible attack by re directing or forwarding the inbound traffic to that port. Thanks for setting me straight. I am very secure at the moment and thank all you for making that possible.

I still continue to pick at the brains of my superiors as it serves me well.. consider your selfs superiors all of you here at Wilders are great thanks much.

Best Wishes,
FireDancer

 

speaking of port 135, you might want to block incoming traffic on port 135 UDP as well, as it is used by MS Messenger Service...
Dolf

 

Hi Dolf,

Thanks for the suggestion...allthough I allread have a Block ALL Lower ports rule 1-1023

FireDancer