NetBIOS exploits

NetBIOS exploits

Post by Dimitar Gospodino » Thu, 04 Apr 2002 21:36:20



I received some UPD packets for port 137, the firewall droped them, but
somebody was trying to check something there. I am curious what? Any ideas?
Are there any NetBIOS exploits?

Dimitar

 
 
 

NetBIOS exploits

Post by Jem Berke » Thu, 04 Apr 2002 22:41:36


Quote:> I received some UPD packets for port 137, the firewall droped them,
> but somebody was trying to check something there. I am curious what?
> Any ideas? Are there any NetBIOS exploits?

On systems with unprotected shares, it is sometimes possible to gain full
read/write access to network shares (e.g. hard drives, printers). Check out
www.grc.com

 
 
 

NetBIOS exploits

Post by ni.. » Fri, 05 Apr 2002 08:25:06



> I received some UPD packets for port 137, the firewall droped them, but
> somebody was trying to check something there. I am curious what? Any
> ideas? Are there any NetBIOS exploits?

It could be someone just using tracert, the windows version of traceroute.
It sends out a UDP packet on port 137 to try and identify the remote machine
before using tracing a route to the host.

--
Are you confident that you appear to be professional in your electronic
communication? Consider this:
                                A: No
                                Q: Can I top post?