Port 137 etc

Discussion in 'other firewalls' started by Egg beta, Jul 5, 2006.

Thread Status:
Not open for further replies.
  1. Egg beta

    Egg beta Registered Member

    Joined:
    Oct 5, 2005
    Posts:
    14
    Location:
    UK
    I am using Kerio 2.1.5 and am unsure what to do about the NetBios ports 137-139. I have SpeedTouch Dialer from my ISP (I suppose that would be dial-up broadband if that makes sense) which often wants to connect out on port 137. I've had it blocked and have a number of these in my log.

    1,[04/Jul/2006 10:32:00] Rule 'SpeedTouch Dialer': Blocked: Out UDP, localhost:137->84.255.255.255:137, Owner: C:\PROGRAM FILES\THOMSON\SPEEDTOUCH USB\STDIALUP.EXE

    I also have a rapidly mounting number of these:

    1,[04/Jul/2006 11:27:08] Rule 'Dial-Up Networking Application': Blocked: Out UDP, localhost:137->84.255.255.255:137, Owner: C:\WINDOWS\SYSTEM\RNAAPP.EXE

    I've searched around on what to about these but don't seem to be able to find a definitive answer. In short, what would be the purpose of these connections if allowed out, and should they be allowed or blocked?

    I notice BZ's ruleset shows the three NetBios ports blocked and have added the two rules for this following the rules I have for SpeedTouch and Dial-Up Networking until I can get some clarity on what to do with this part of my ruleset.

    Thanks in advance for any advice offered.
     
  2. Stem

    Stem Firewall Expert

    Joined:
    Oct 5, 2005
    Posts:
    4,948
    Location:
    UK
  3. Egg beta

    Egg beta Registered Member

    Joined:
    Oct 5, 2005
    Posts:
    14
    Location:
    UK
    Thanks for your reply and the link Stem. I am actually using Win98 so it looks like I am stuck with NetBios enabled.

    In TCP/IP Properties panel / NetBIOS tab / "I want to enable NetBIOS over TCP/IP" is ticked and greyed out.

    I'll keep playing with my Kerio rules to produce something that works without excessive logging.

    Thanks again for the info provided in the link. It has at least clarified the nature of the beast.

    ;)
     
  4. Stem

    Stem Firewall Expert

    Joined:
    Oct 5, 2005
    Posts:
    4,948
    Location:
    UK
    Hi Egg beta,
    Sorry,.. win98,.. it is a version I passed by. I did search on this concerning netBIOS, but found nothing. there is the possiblility of unbinding netBIOS in win98 but unsure,..I have e-mailed some to find any info on this.
    Maybe others can shed some light.
     
  5. FirePost

    FirePost Registered Member

    Joined:
    Jul 29, 2005
    Posts:
    212
    If the system is stand alone then a rename for vnbt.386 works well. The ports will not be opened. In the middle of this page there is a brief discussion of that solution. NetBIOS problem and how to solve it

    There is a link there for "Network Discipline for Windows 9x" on Steve Gibson's site one may also find interesting.
     
  6. Stem

    Stem Firewall Expert

    Joined:
    Oct 5, 2005
    Posts:
    4,948
    Location:
    UK
    Hello Egg beta,
    Please have a read:here many thanks to Snapdragin for this info
     
  7. Egg beta

    Egg beta Registered Member

    Joined:
    Oct 5, 2005
    Posts:
    14
    Location:
    UK
    Stem, FirePost, very helpful info. Thanks both - and Snapdragin too!

    It looks like there are different approaches to the same issue. Steve Gibson's is certainly an interesting and thorough one.

    Kerio presently appears to be doing a good job of blocking NetBios, but maybe now I can save Kerio a bit of work. I'll let you know how it goes.

    :thumb: :thumb:
     
  8. Egg beta

    Egg beta Registered Member

    Joined:
    Oct 5, 2005
    Posts:
    14
    Location:
    UK
    Just had a busy couple of days, but I've now finally got NetBios unbound. I decided to follow Steve Gibson's procedure, partly for the education and experience and also for the thoroughness of its approach, and it worked well.

    Thanks once again for all the assistance - and Stem, you're doing a great job around here! Hats off to ya'! :cool:
     
  9. Stem

    Stem Firewall Expert

    Joined:
    Oct 5, 2005
    Posts:
    4,948
    Location:
    UK
    Egg beta,
    Glad to hear,...
    Due to your post,.. Snapdragin info, and link supplied by FirePost, we have both learned something, so will others who read the thread.
     
Loading...
Thread Status:
Not open for further replies.