Open udp netbios ports.

Entelin plug-discuss@lists.plug.phoenix.az.us
15 Mar 2003 16:22:32 -0700 

Thanks thats a help :)

On Sat, 2003-03-15 at 10:20, David Mandala wrote:
> See http://lwn.net/Articles/25578/ for a critical SAMBA bug. Can take
> over the machine at the root level. Just released by the SAMBA team.
> 
> The SAMBA team recommends immediate upgrade to avoid security problems.
> 
> Cheers,
> 
> Davidm
> 
> On Sat, 2003-03-15 at 08:49, Entelin wrote:
> > Well I dont want to give his name out :) Actually hes not completely a
> > nutbar, apparently he is on security topics. He's actually very
> > experienced with linux/unix, and has written a number of programs they
> > use internaly. I think the issue is that hes a bit stuck in the past
> > when it comes to his mentality on security topics. However he really did
> > piss me off going behind my back like that he even said in his email to
> > her to not to talk to me about this without talking to him first.
> > 
> > On Sat, 2003-03-15 at 04:02, technomage wrote:
> > > -----BEGIN PGP SIGNED MESSAGE-----
> > > Hash: SHA1
> > > 
> > > who is this "nutbar" who thinks they are totoally secure? I'd like to know so 
> > > that I can avoid meeting him unless I have reason to.
> > > 
> > > totally secure = power supply isolated, non-networked machine behind 2 layers 
> > > of steel doors and lots of guards.
> > > 
> > > anything else is debatable.
> > > 
> > > Technomage
> > > 
> > > On Saturday 15 March 2003 03:17 am, Entelin wrote:
> > > > I have a client I am trying to convince to install a firewall, (eather
> > > > iptables or preferably cisco PIX). They have practicly every service
> > > > under the sun open, the only reason their tcp netbios ports are closed
> > > > is because cox filters them. The only reason I am having to convince
> > > > them of anything is because they have another linux tech working for
> > > > them and he is somehow convinced that they are completely secure "at the
> > > > deamon level" wrote a big email to my client saying they dident need to
> > > > install a firewall, or even close totaly unused ports on their box!
> > > > (they even had echo and chargen open before I at least convinced them to
> > > > close those ie: forged packet between echo and chargen = storm).
> > > > nevermind the two root exploits their sendmail is at risk for. and the
> > > > password sniffing of their login,telnet etc.. god..
> > > >
> > > > ANYWAY sorry for that rant. back on topic I was wondering if I could do
> > > > anything with these udp ports in absence of the filtered tcp netbios
> > > > ports. ? as in gain any kind of access or DoS.
> > > >
> > > > 137/udp    open        netbios-ns
> > > > 138/udp    open        netbios-dgm
> > > > 139/udp    open        netbios-ssn
> > > >
> > > > Thanks :)
> > > >
> > > > ---------------------------------------------------
> > > > PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
> > > > To subscribe, unsubscribe, or to change  you mail settings:
> > > > http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
> > > 
> > > - -- 
> > > I will not be pushed, filed, stamped, indexed, briefed, debriefed, or 
> > > numbered!
> > > My life is my own - No. 6
> > > -----BEGIN PGP SIGNATURE-----
> > > Version: GnuPG v1.0.7 (GNU/Linux)
> > > 
> > > iD8DBQE+cwhOn/usgigAaLcRAs79AJ9Tty91a3ZorlD3pgKL9dBRRJSSzACeKW4U
> > > 6v2lRe90Uh6uuJYQKty5ihg=
> > > =hUiC
> > > -----END PGP SIGNATURE-----
> > > 
> > > ---------------------------------------------------
> > > PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
> > > To subscribe, unsubscribe, or to change  you mail settings:
> > > http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
> > 
> > 
> > ---------------------------------------------------
> > PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
> > To subscribe, unsubscribe, or to change  you mail settings:
> > http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
> -- 
> David IS Mandala
> gpg fingerprint 8932 E7EF CCF5 1B8C 1B5C A92E C678 795E 45B2 D952
> Phoenix, AZ (480) 460-7545 HP, (602) 741-1363 CP
> http://www.them.com/~davidm/
> 
> 
> ---------------------------------------------------
> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
> To subscribe, unsubscribe, or to change  you mail settings:
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss