Re:You think it could be that new NetBIOS "net send" spam? I get alot, but not enough to interfere with application performance (WinAMP) but I thought the new explosion in NetBIOS activity could be attribued to it…
Re:Originally posted by: guy
in the mean time you could run a security scan…
http://security1.norton.com/ssc/sc_ipcheck.asp?ax=1&langid=ie&venid=sym&plfid=23&pkj=WDOXOOTGUSDJNRNJWDJ
Does this mean I'm secure?
Symantec Security Check has determined that the Internet Protocol (IP) address used by your computer to connect to the Internet cannot be scanned. Your computer cannot be scanned because it is behind a firewall, proxy server, or uses Network Address Translation (NAT) to share IP addresses. As such, Symantec Security Check cannot run the Network Vulnerability Scan, the NetBIOS Availability Scan, and the Active Trojan Horse Scan on your computer.
I'm using ppoe on a Linksys Ehterfast router, I don't have the firewall software installed, but have everything else set as secure as I could make it. Sucks though, the new Q3 patch won't let me join servers with punkbuster enabled and I can't figure out how to get it to work through my router. Very limited to few servers now with sucky newbs….Yes, I still prefer Q3 over UT2k3, Q3 has a better control interface.
Re:Actually, in the typical home network with just TCP/IP enabled, you'll want NETBIOS over TCP to allow for name resolution for computer browsing. You just don't want to allow NETBIOS outside your LAN, which should be easy to contain if you use a firewall and/or router. I don't play games, so I have my router/firewall reject all outside requests, they can knock on the door all they want.
Re:I hve netbios disabled I think, how can I be sure?
Re:The moral of this story, is that you should not be allowing NetBIOS traffic through your router. NetBIOS traffic should be allowed on the private network only.
Re:ive also had 'unrecognized access' logs on ports 23, 5000, 139, 80, 25, 21, 445, 143, 79, and 135 within the last hour
thanks for the help by the way
Re:<a target=new class=ftalternatingbarlinklarge href="http://www.robertgraham.com/pubs/firewall-seen.html#netbios">NetBIOS requests to UDP port 137 are the most common item you will see in your firewall reject logs. This comes about from a feature in Microsoft's Windows: when a program resolves an IP address into a name, it may send a NetBIOS query to IP address. This is part of the background radiation of the Internet, and is nothing to be concerned about.
The discussion of these NetBIOS packets crops up over and over again on firewall/incident mailing lists. In this section, I've tried to come up with the "definitive" answer to this question.
Note that you will see NetBIOS scans, such as from hackers running the Legion NetBIOS scanner or other scanners. In this case, you'll likely see a scan of your entire address range. The important thing to remember is that few NetBIOS packets are from hostile intent. </a>
also, since it is saying 'unrecognized access' does this mean that the NAT router is turning the scans away?
ive checked my software firewall and nothing looks suspicious there.
Yes your router is dropping the packets.
Re:also, since it is saying 'unrecognized access' does this mean that the NAT router is turning the scans away?
ive checked my software firewall and nothing looks suspicious there.
Re:Ive run avg virus, no viruses
run pest patrol, no pests
gone through shields up, no problems
norton security test was unable to detect my computer, so I guess no problem there
what concerns me the most is the 'hiccuping' for lack of a better word caused I think by the scans….can this be caused by the scans, or am I just being paranoid?
thanks for the response
Re:in the mean time you could run a security scan…
http://security1.norton.com/ssc/sc_ipcheck.asp?ax=1&langid=ie&venid=sym&plfid=23&pkj=WDOXOOTGUSDJNRNJWDJ
Re:Since it's inbound you're probably just getting probed by infected PC's out there…I am getting a ton of them lately too…looking at info now..
0 Comments.