North American Network Operators Group


Re: UDP port 137 Question

  • From: DAVE NORDLUND
  • Date: Thu Jan 08 11:04:53 1998

> Date:          Tue, 06 Jan 1998 16:43:27 -0500
> From:          Eric Germann <[email protected]>
> Subject:       Re: UDP port 137 Question
> To:            [email protected]
> Cc:            [email protected]

> One would hope the backbones aren't passing 255.255.255.255 around to come in
> via his Internet connection

One would hope........ !

But you can't assume!
> 
> 
> 
> At 01:17 PM 1/6/98 +0000, DAVE NORDLUND wrote:
> >> Date:          Tue, 06 Jan 1998 12:54:52 -0500 (EST)
> >> From:          "C. Jon Larsen" <[email protected]>
> >> Subject:       UDP port 137 Question
> >> To:            [email protected]
> >
> >> 
> >> Is there any *valid* reason to see UDP traffic directed at a unix box's
> >> port 137 coming from IP sources across the internet ? The unix servers in
> >> question are most definitely *not* running samba, and there is absolutely no
> >> NT anywhere on this customer's network (that is seeing the incoming UDP
> >> traffic directed at an IP destination address on port 137). (A couple of 95
> >> boxes scattered across an Ethernet comprise the Micro$oft part of the
> >> network). None of the 95 boxen are running any file or print serving (sharing)
> >> resources.
> >
> >Are you sure these don't have ip broadcast addresses on them?  I've seen MS
> >UDP packets with 255.255.255.255 as the destination address if the WIN box
> >isn't set up reasonably.
> >> 
> >> I can't think of any valid reason to see this traffic, personally. Anybody out
> >> there that can present a scenario where I would expect to see these UDP
> >> packets coming back in ?
> >> 
> >> netbios-ns      137/tcp         nbns
> >> netbios-ns      137/udp         nbns
> >> netbios-dgm     138/tcp         nbdgm
> >> netbios-dgm     138/udp         nbdgm
> >> netbios-ssn     139/tcp         nbssn
> >> 
> >> 
> >> =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
> >> C. Jon Larsen             Email: [email protected]
> >> Systems Engineer          Voice: +1.804.353.2800 x118
> >> A&J Technologies          http://www.ajtech.com
> >> 
> >> PGP Key fingerprint: 8A 62 4C 6E 1E 3C CD 63  B3 16 1A 1B D2 61 EE 97
> >> PGP Public key available at: http://ford.ajtech.com/CJL.txt
> >> =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
> >> 
> >> 
> >
> >Dave Nordlund               [email protected]
> >University of Kansas        913/864-0450
> >Computing Services          FAX 913/864-0485
> >Lawrence, KS  66045         KANREN
> > 
> 
> 
> ================================================================================
> Eric Germann                Computer and Communications Technologies
> [email protected]           Van Wert, OH 45891
>                             Phone: 419 968 2640
> http://www.cctec.com        Fax:   419 968 2641
> 
> Network Design, Connectivity & System Integration Services 
> A Microsoft Solution Provider					

Dave Nordlund               [email protected]
University of Kansas        913/864-0450
Computing Services          FAX 913/864-0485
Lawrence, KS  66045         KANREN
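
Added example, not part of the original messages: one way to investigate the traffic asked about in this thread is to decode the payload of a captured UDP/137 packet (NetBIOS name service, RFC 1001/1002) and read which name and query type it carries, and whether the sender set the broadcast flag. The function names and the sample packet are constructed for illustration.

```python
import struct

QTYPES = {0x0020: "NB (name query)", 0x0021: "NBSTAT (node status query)"}

def decode_nb_name(encoded):
    """Reverse RFC 1001 first-level encoding: 32 chars 'A'..'P' -> 16 bytes."""
    if len(encoded) != 32 or any(not 0x41 <= c <= 0x50 for c in encoded):
        raise ValueError("not a first-level encoded NetBIOS name")
    raw = bytes(((encoded[i] - 0x41) << 4) | (encoded[i + 1] - 0x41)
                for i in range(0, 32, 2))
    # Bytes 0..14 hold the padded name, byte 15 is the suffix (service type).
    name = raw[:15].rstrip(b" \x00").decode("ascii", "replace")
    return name, raw[15]

def parse_nbns(payload):
    """Parse the header and first question of a UDP/137 payload."""
    if len(payload) < 12:
        raise ValueError("shorter than the 12-byte NBNS header")
    txid, flags, qdcount = struct.unpack("!3H", payload[:6])
    info = {"txid": txid, "response": bool(flags & 0x8000),
            "opcode": (flags >> 11) & 0xF,
            "broadcast": bool(flags & 0x0010), "questions": qdcount}
    if qdcount == 0:
        return info
    # Question name: length byte 0x20, 32 encoded chars, optional scope, 0x00.
    if len(payload) < 46 or payload[12] != 0x20:
        raise ValueError("malformed question name")
    name, suffix = decode_nb_name(payload[13:45])
    pos = 45
    while pos < len(payload) and payload[pos] != 0:  # skip scope labels
        pos += 1 + payload[pos]
    if pos + 5 > len(payload):
        raise ValueError("truncated question")
    qtype, _qclass = struct.unpack("!2H", payload[pos + 1:pos + 5])
    info.update(name=name, suffix=suffix, qtype=QTYPES.get(qtype, hex(qtype)))
    return info

# Constructed sample: a unicast node status query for the wildcard name "*".
SAMPLE = (struct.pack("!6H", 0x1234, 0x0000, 1, 0, 0, 0)
          + b"\x20" + b"CK" + b"A" * 30 + b"\x00"
          + struct.pack("!2H", 0x0021, 0x0001))

if __name__ == "__main__":
    print(parse_nbns(SAMPLE))
```
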