Security Basics mailing list archives
Re: Re[2]: No NetBios share + No Open Port = Safe Win98?
From: Gethinj <gethinj () gethin net>
Date: Thu, 28 Sep 2006 12:57:11 +0100
Hi All, OK, so a firewall won't stop a DDOS attack from flooding your internet pipe, but it will stop the attack from actually getting to you internal network. The firewall will also stop your internal machines broadcasting on port 139 adn 445, and if your firewall drops all external connections (including ICMP) and you're not broadcasting everything to the internet there is less (not much, but deffinately less) chance of your actually being attacked in the first please - if you can see it, you can attack it. To be honest lots of firewalls are able to withstand a DDOS attack, they drop the connections, in my book that's withstanding an attack. If the internet pipe fills up, it doesn't stop the firewall doing it's job :-) just stops internet access, when the attack has finished your network still works :-) Best Regards Gethin -----Original message----- From: gmx pal_adam () gmx net Date: Wed, 27 Sep 2006 21:00:39 +0100 To: security-basics () securityfocus com Subject: Re[2]: No NetBios share + No Open Port = Safe Win98?
Hello Frynge, Monday, September 25, 2006, 6:11:13 PM, you wrote: <==============Original message text=============== FCS> I dont know if anyone has replied to this yet, but here is some advice. FCS> The port 139 exploit was usually used for file and printer sharing hacks. FCS> Having that port open will allow someone to see your computer online with FCS> programs that will check for file and printer sharing vulnerabilities and FCS> also, possibly use your computer for DDOS attacks or flood your computer via FCS> that port. FCS> I would make sure file and printer sharing is not on (you may not have set FCS> it on, but sometimes its on by default and with no password) FCS> YOU SAID "I used winipcfg.exe to obtain my IP address (192.168.1.101) " FCS> It tells me you are on an internal network and that is not your real ip FCS> address but an internal address. You will have another ip that is your real FCS> ip address, you can find this by googling it and looking for online ip FCS> finders. FCS> For DDOS and flood attacks make sure you have a nice firewall set up and you FCS> should be fine. Erm what ? As far as i know, no private firewall is able to stand against a strong DDOS, and corporate firewalls are only able to mitigate it, not more. Having a nice firewall set up will not save no one from a serious ddos, maybe just from some attepts of unexperienced scriptkiddies... FCS> Win98 closed that port in later additions and service packs, so you may want FCS> to update your windows at windows update if you can. FCS> Kelly Sigethy FCS> Frynge.com FCS> ----- Original Message ----- FCS> From: <gohyongkwang () hotmail com> FCS> To: <security-basics () securityfocus com> FCS> Sent: Friday, September 22, 2006 9:01 PM FCS> Subject: No NetBios share + No Open Port = Safe Win98? --------------------------------------------------------------------------- This list is sponsored by: Norwich University EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE The NSA has designated Norwich University a center of Academic Excellence in Information Security. Our program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life. http://www.msia.norwich.edu/secfocus ---------------------------------------------------------------------------
Best Regards Gethin --------------------------------------------------------------------------- This list is sponsored by: Norwich University EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE The NSA has designated Norwich University a center of Academic Excellence in Information Security. Our program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life. http://www.msia.norwich.edu/secfocus ---------------------------------------------------------------------------
Current thread:
- No NetBios share + No Open Port = Safe Win98? gohyongkwang (Sep 25)
- Re: No NetBios share + No Open Port = Safe Win98? dave (Sep 26)
- Re: No NetBios share + No Open Port = Safe Win98? Frynge Customer Support (Sep 26)
- Re[2]: No NetBios share + No Open Port = Safe Win98? gmx (Sep 27)
- Re: Re[2]: No NetBios share + No Open Port = Safe Win98? Frynge Customer Support (Sep 28)
- Re: No NetBios share + No Open Port = Safe Win98? Ansgar -59cobalt- Wiechers (Sep 28)
- RE: No NetBios share + No Open Port = Safe Win98? David Gillett (Sep 28)
- Re[2]: No NetBios share + No Open Port = Safe Win98? gmx (Sep 27)
- Re: No NetBios share + No Open Port = Safe Win98? Luchino - Samel (Sep 26)
- RE: No NetBios share + No Open Port = Safe Win98? Robert D. Holtz - Lists (Sep 26)
- <Possible follow-ups>
- Re: No NetBios share + No Open Port = Safe Win98? krymson (Sep 26)
- Re: Re[2]: No NetBios share + No Open Port = Safe Win98? Gethinj (Sep 28)
- Re:No NetBios share + No Open Port = Safe Win98? Colin Copley (Sep 28)
- RE: Re[2]: No NetBios share + No Open Port = Safe Win98? Jag (Sep 29)