I ran a SheildsUp stealth test and all ports were either stealth or
closed except one. SU said it is relatively simple to hide this port but
didn't tell me how! Would appreciate some info on this. TIA

Without knowing the port concerned the solution is to either use a
firewall that blocks all ports other than when in use or alternatively
close or secure the application or service that is opening this port.
--
Mike Maltby MS-MVP



Smirnoff > wrote:

> I ran a SheildsUp stealth test and all ports were either stealth or
> closed except one. SU said it is relatively simple to hide this port
> but didn't tell me how! Would appreciate some info on this. TIA

It is Port 139 (NetBIOS).
Have since found a SheildsUp link, http://grc.com/su-rebinding9x.htm if
anyone else is interested but just a bit too technical for me. I'd
probably do more harm than good. Unless of course it is considered a
critical issue?

Mike M wrote:
> Without knowing the port concerned the solution is to either use a
> firewall that blocks all ports other than when in use or alternatively
> close or secure the application or service that is opening this port.
>
>> I ran a SheildsUp stealth test and all ports were either stealth or
>> closed except one. SU said it is relatively simple to hide this port
>> but didn't tell me how! Would appreciate some info on this. TIA

Look in the Control Panel / Network applet and see if you are running
NetBios network support. If so, and it is unneeded, remove it.
A stand-alone WinME machine typically only needs TCP/IP.

Install a personal firewall, eg., the free Zone Alarm, or better.
--
Jack E. Martinelli 2002-05 MS MVP for Shell/User / DTS
Help us help you: http://www.dts-L.org/goodpost.htm

http://www.microsoft.com/athome/security/protect/default.aspx
Your cooperation is very appreciated.
------
"Smirnoff" > wrote in message
...
> It is Port 139 (NetBIOS).
> Have since found a ShieldsUp link, http://grc.com/su-rebinding9x.htm if
> anyone else is interested but just a bit too technical for me. I'd
> probably do more harm than good. Unless of course it is considered a
> critical issue?
>
> Mike M wrote:
> > Without knowing the port concerned the solution is to either use a
> > firewall that blocks all ports other than when in use or alternatively
> > close or secure the application or service that is opening this port.
> >
> >> I ran a ShieldsUp stealth test and all ports were either stealth or
> >> closed, except one. SU said it is relatively simple to hide this port
> >> but didn't tell me how! Would appreciate some info on this. TIA
>

Steve Gibson continues to amaze the world with his ignorance. Probably
the very last thing you should be doing is installing NetBeui but then
again his strengths have been and continue to be publicity and his disk
recovery tools. Just ensure that you don't have File and Printer sharing
bound to TCP/IP for your network connection. Go to Control Panel | Network
| TCP/IP->adapter (whichever is used for net access if more than one) |
Properties | Bindings and un-check all of the boxes. Do this only for the
adapter which connects to the Internet.

If you're concerned by this and are still unable to block port 139 I would
recommend you get yourself a firewall such as perhaps the free Zone Alarm
or Kerio.
--
Mike Maltby MS-MVP



Smirnoff > wrote:

> It is Port 139 (NetBIOS).
> Have since found a SheildsUp link, http://grc.com/su-rebinding9x.htm
> if anyone else is interested but just a bit too technical for me. I'd
> probably do more harm than good. Unless of course it is considered a
> critical issue?

I have Trend Micro Internet Security 2005 as anti-virus/firewall. Anyone
know how to configure it to stop threat to Port 139 via NetBIOS? Or,
would anybody recommend carrying out the instuctions on the SheildsUp
link anyway?

Smirnoff wrote:
> It is Port 139 (NetBIOS).
> Have since found a SheildsUp link, http://grc.com/su-rebinding9x.htm
> if anyone else is interested but just a bit too technical for me. I'd
> probably do more harm than good. Unless of course it is considered a
> critical issue?
>
> Mike M wrote:
>> Without knowing the port concerned the solution is to either use a
>> firewall that blocks all ports other than when in use or
>> alternatively close or secure the application or service that is
>> opening this port.
>>
>>> I ran a SheildsUp stealth test and all ports were either stealth or
>>> closed except one. SU said it is relatively simple to hide this port
>>> but didn't tell me how! Would appreciate some info on this. TIA

If you are connected to the Internet via a Broadband connection, I strongly suggest a
Cable/DSL Router such as the Linksys BEFSR41. If you are on DSL that uses PPPoE, it, not
the PC will make the connection. No ISP software is needed on any LAN PC and if you have
more than one computer than you can share the one Internet WAN address
with up to 253 LAN nodes. To top the added capabilities the above Router will act as a
simplistic FireWall. There are other models that will act as full FireWall devices and that
will protect you from hackers and Internet worms.

I also suggest block both TCP and UDP ports 135 ~ 139 and 445 on *any* SOHO Router.

--
Dave




"Smirnoff" > wrote in message
...
| I ran a SheildsUp stealth test and all ports were either stealth or
| closed except one. SU said it is relatively simple to hide this port but
| didn't tell me how! Would appreciate some info on this. TIA
|
|

"Smirnoff" > wrote...

> Have since found a SheildsUp link, http://grc.com/su-rebinding9x.htm if
> anyone else is interested but just a bit too technical for me. I'd
> probably do more harm than good. Unless of course it is considered a
> critical issue?

I have found that ICS (internet connection server) on WinME acts as a good
simple firewall. ICS just needs to be enabled and all the critical ports
135, 139, etc) are automatically blocked.

"Ogg" > wrote ...
>
> "Smirnoff" > wrote...

> I have found that ICS (internet connection server) on WinME acts as a
> good
> simple firewall. ICS just needs to be enabled and all the critical
> ports
> 135, 139, etc) are automatically blocked.

Correct, ICS is a very effective firewall although it might introduce the
odd quirk due to the introduction of Network Address Translation (NAT).
--
Mike Maltby MS-MVP

Thanks to all who replied.
Finally managed to configure my firewall to deny NetBIOS. Clean bill of
health on SheildsUp!! now


David H. Lipman wrote:
> If you are connected to the Internet via a Broadband connection, I
> strongly suggest a Cable/DSL Router such as the Linksys BEFSR41. If
> you are on DSL that uses PPPoE, it, not the PC will make the
> connection. No ISP software is needed on any LAN PC and if you have
> more than one computer than you can share the one Internet WAN
> address
> with up to 253 LAN nodes. To top the added capabilities the above
> Router will act as a simplistic FireWall. There are other models
> that will act as full FireWall devices and that will protect you from
> hackers and Internet worms.
>
> I also suggest block both TCP and UDP ports 135 ~ 139 and 445 on
> *any* SOHO Router.
>
>
> "Smirnoff" > wrote in message
> ...
>> I ran a SheildsUp stealth test and all ports were either stealth or
>> closed except one. SU said it is relatively simple to hide this port
>> but didn't tell me how! Would appreciate some info on this. TIA