Specifically block those ports and test. Saludos. El mar, 26 de 08 de 2003 a las 09:53, Arndt Faulhaber escribió:
First thanks for the answer, but
Close this ports used by Netbios
udp/135 udp/137 - 139 udp/445 tcp/137 - 139 tcp/445
These ports are _not_ open (scanned using nmap...). No ports are open from the outside...
More information in http://www.hispasec.com/unaaldia/1587 (spanish) hmmm...
Could test your configuration with http://www.mynetwatchman.com/winpopuptester.asp
Jup, I had done that already... naturally that doesn't get through. I think the technique must be different, don't know how, but maybe the packets are generated from the inside (by some javascript, trojan or whatever...) -- could not put my finger to it yet...
Cheers, Arndt