[1964] in linux-security and linux-alert archive
[linux-security] What is someone looking for??
daemon@ATHENA.MIT.EDU (Ryan Matteson)
Sat Jul 11 19:01:45 1998
Date: Thu, 09 Jul 1998 17:44:30 -0400
From: Ryan Matteson <x96matteson@wmich.edu>
To: linux-security@redhat.com
Resent-From: linux-security@redhat.com
Resent-Reply-To: linux-security@redhat.com
I am currently blocking out netbios UDP port 137 on my firewall and was
wondering what the following means in terms of security:
Jul 9 16:19:05 oscar kernel: IP fw-in rej eth0 UDP SOMEONES_IP:137
MY_IP:137 L=78 S=0x00 I=46484 F=0x0000 T=111
I have gottena few 100 of these and was wondering if there are some
vulnerabilties related to netbios out there?? What do the S/I/F/L fields
stand for?? I assume T= TOS? Thanks for any info I would appreciate any
info/URL's now. Is there a way to tell tcpdump to dump all netbios
packets originating from outside my present class C to a file for future
viewing?? Thanks again I apprecaite the help
Ryan
--
----------------------------------------------------------------------
Please refer to the information about this list as well as general
information about Linux security at http://www.aoy.com/Linux/Security.
----------------------------------------------------------------------
To unsubscribe:
mail -s unsubscribe linux-security-request@redhat.com < /dev/null