Newbie enters the arena...

Discussion in 'LnS English Forum' started by Blackspear, Apr 20, 2005.

Thread Status:
Not open for further replies.
  1. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
    Well I have just installed LnS on 2 PC's running through a Netgear ProSafe 328S Firewall and imported shating.rie which then allows:

    TCP1: File sharing. Authorize outbound TCP connections from ports 137 to 139.

    TCP2: File sharing. Authorize inbound TCP connections on port 137.

    UDP: File sharing. Authorize UDP ports 137 to 139.

    Now the question, being totally GREEN to this, and the only reference I have to port 137 was Opaserv specifically targeted port 137 across the internet, can someone enlighten me please over port 137 and UDP and why this is not a risk.

    Cheers :D
     
  2. Defenestration

    Defenestration Registered Member

    Joined:
    Jul 17, 2004
    Posts:
    1,086
    Hi Blackspear,

    Good to see you on the LnS forum!

    To answer your question - It's not a risk because it only opens these ports for specific IP addresses (in this case your network address 192.168.x.y).

    Any other attempts to connect through these ports which are not from/going to these addresses will be blocked by LnS.
     
  3. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
    Thanks mate, I knew it would be something simple, I am a curious cat, and when so, I ask questions ;) :D

    Cheers :D
     
  4. Defenestration

    Defenestration Registered Member

    Joined:
    Jul 17, 2004
    Posts:
    1,086
    No problem. If you don't ask questions, you often don't get answers! :)
     
  5. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
    OK, here's another one. I want to protect 2 computers on a network out of say 10 computers. I want shared files between all computers and only the 2 need to have LnS, is this possible?

    Cheers :D
     
  6. Defenestration

    Defenestration Registered Member

    Joined:
    Jul 17, 2004
    Posts:
    1,086
    Yes, it should be possible.

    You would have to modify the three rules to allow access to the IP addresses of all the PC's on the network. This would allow the protected PC's to send data over ports 137-139 to all the PC's IP's in the network, whilst blocking anything else sent over those ports from a different IP address (ie. one outside of the network).
     
  7. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
    Thanks Defenestration, I'll look more into it in a few weeks time.

    Forgot to say the obvious (these days) that a router will assign IP addresses.

    Cheers :D
     
Thread Status:
Not open for further replies.