Disable the Server, Workstation and all RPC services, and reboot. >;) Alternatively, if you don't want to rebuild your NT box, you can disable all ports with the (very ugly) filtering feature which comes with NT (look in the network control panel somewhere...TCP->Properties->Advanced or something?). This means that you have to selectively enable the ports you want. This is fine for some boxes (WWW servers, mailservers etc) but sucks for boxes like firewalls where there are thousands of ports that may need to be opened. Alternatively again, if you want a _good_ solution, disable the Server and Workstation services if you can get away with it (you can for most firewalls) and filter external access to the RPC endpoint mapper (port 135) from the outside world with some device or other. Gosh...that filtering you from danger...almost like...a wall...protecting you...from fire...or something... Cheers, -- Ben Nagy Network Consultant, CPM&S Group of Companies PGP Key ID: 0x1A86E304 Mobile: +61 414 411 520 > -----Original Message----- > From: Kaptain [mailto:kaptainat_private] > Sent: Tuesday, 26 October 1999 3:15 AM > To: Michael H. Warfield > Cc: Christoph Schneeberger; firewall-wizardsat_private > Subject: Re: Strange open ports on windows machines > > > <snip> > > Even without BO there, with ports 135-139 tcp and udp open to > > access you have all the security of a tissue in a hurricane. > > > > > Cheers, > > > Christoph Schneeberger > > > SCS Telemedia > > > > Mike > </snip> > > > How can you disable the public accessibility of the 135-139 > windows ports? > > -K >
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:45:05 PDT