Andrew James Benie tapped away at the keyboard with:
netbios ns is used by windows clients for file and print sharing. So the most likely source of these connections is fairly innocuous. There is very little you can do to stop windows clients from trying to connect to your machine do to the insane communications protocols MS dedided to use.
I've had good results simply asking an ISP of the "offender" why my port was "pinged" by one of their systems. It can even be an IMAP (port 143) attempt. As far as I know; there's no legitimate reason why a stranger should attempt to try to connect to that port so I simply asked them to explain why it happened, providing log information from the firewall. Their response a few days later: Dear Sir/Madam, We have identified the account that sourced that attack and have taken appropriate action against them. If any of these attacks occur in the future do not hesitate to contact us. Note that I never mentioned the word attack in my email to them. They obviously understand that there might be a problem; especially with spammers trying their best to abuse the fragile network. Keep an eye on your log files. Report any apparent problems to the ISP concerned. Another trick; if you don't want to relay email via (e)smtp; don't tell them immediately. Wait for between 30 seconds to 2 minutes, then tell them. If everybody did that, then the spammers would take about 10 times as long to find an "open" port. -- Bernd Felsche - Innovative Reckoning Perth, Western Australia -- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/Support/Doku/FAQ/