Thanks for all the replies. The change I believe I will make in my firewall rules is to explicitly block inbound 137-139 traffic. My default iptables policy is to deny, and these are not ports I have opened up, so....they should be being blocked, but an extra rule to catch this up front won't hurt. I have to add one clarification to the scenario and apologize for not including this up front: could running Samba (as a master browser/file server - not domain controller) be the source of the problem? Are there some outbound ports I should be blocking when (I assume) Samba announces itself periodically as the master browser? -------------------------------------------------------- Mike McCandless michaelat_private _______________________________________________ firewall-wizards mailing list firewall-wizardsat_private http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
This archive was generated by hypermail 2b30 : Sun Oct 13 2002 - 08:27:30 PDT