[14542] in North American Network Operators' Group
Re: UDP port 137 Question
daemon@ATHENA.MIT.EDU (Bryce Ryan)
Tue Jan 6 14:45:01 1998
From: Bryce Ryan <brycer@organic.com>
To: melodyy@best.com (Melody Yoon)
Date: Tue, 6 Jan 1998 11:36:41 -0800 (PST)
Cc: jlarsen@ford.ajtech.com, nanog@merit.edu
In-Reply-To: <Pine.BSF.3.96.980106110827.2618X-100000@shell4.ba.best.com> from "Melody Yoon" at Jan 6, 98 11:10:45 am
My mailer says that Melody Yoon said:
>
> Hi Jon. If memory serves, Netbios nameservices are generally only on the
> same segment unless you have an NT/Samba server somewhere... As it is, it
> should *NOT* be directed at your Unix boxes and definately not coming
> across the Internet. My guess is that someone may be attempting a bad OOB
> data attack on port 137 thinking that your Unix box is some type of PC.
>
who was it that said, "never attribute to malice what can be explained by
stupidity?"
we run a web farm and see requests directed at port 137 all the time on
the web sites we host. i don't know for certain, but i assume it is
some sort of internet explorer "feature" that is attempting to establish
a CIFS connection to the web site. we ignore them anyway.
--
=== bryce ryan ============ organic ======== brycer@organic.com =========
==== director =========== information ===== http://www.organic.com/ ======
== /etc/networks ========== services === v:415.278.5652#f:415.284.6891 ===
