Re: UDP port 137 Question

[Melody Yoon <melodyy () best com>]

On Tue, 6 Jan 1998, Bryce Ryan wrote:
[cut]
> who was it that said, "never attribute to malice what can be explained by
> stupidity?"

no clue, but I like the quote. :)

> we run a web farm and see requests directed at port 137 all the time on
> the web sites we host.  i don't know for certain, but i assume it is
> some sort of internet explorer "feature" that is attempting to establish
> a CIFS connection to the web site.  we ignore them anyway. 

Hi Bryce. That's a possibility which I had not thought of.. However, to
test it, I ran Explorer on some machines here (including IE4.0 for Sparc)
and directed it my workstation here which is running apache. I've got
snoop running monitoring port 137, and so far, I've gotten no hits from
the machines running IE4 that are specifically directed to my Sparc (as
per the scenario from the original poster). Due to the way our network is
configured here, I don't have the ability to go over a router (we're on a
Cat5k switch).

Could someone out there do a similiar test and double check my methods and
see if I just did something wrong? :)

mel

Melody Lynn Yoon      melodyy () best com              | Graduate - '97 MSF
Senior SA - Taos Mountain Software, Santa Clara, CA | NRA Member
-- I do not accept commercial, unsolicited email
-- http://www.best.com/~melodyy/spam.policy.html