Very Computer

by **Dimitar Gospodino** » Thu, 04 Apr 2002 21:36:20

I received some UPD packets for port 137, the firewall droped them, but
somebody was trying to check something there. I am curious what? Any ideas?
Are there any NetBIOS exploits?

Dimitar

by **Jem Berke** » Thu, 04 Apr 2002 22:41:36

Quote:> I received some UPD packets for port 137, the firewall droped them,
> but somebody was trying to check something there. I am curious what?
> Any ideas? Are there any NetBIOS exploits?

On systems with unprotected shares, it is sometimes possible to gain full
read/write access to network shares (e.g. hard drives, printers). Check out
www.grc.com

by **ni..** » Fri, 05 Apr 2002 08:25:06

> I received some UPD packets for port 137, the firewall droped them, but
> somebody was trying to check something there. I am curious what? Any
> ideas? Are there any NetBIOS exploits?

It could be someone just using tracert, the windows version of traceroute.
It sends out a UDP packet on port 137 to try and identify the remote machine
before using tracing a route to the host.

--
Are you confident that you appear to be professional in your electronic
communication? Consider this:
A: No
Q: Can I top post?