Planning a Firewall -> Samba don't work!

Bill Moran wmoran at iowna.com
Sat Apr 28 15:40:55 GMT 2001


Anthony wrote:
> As far as I can tell, Windows doesn't
> connect from ports 137-139 as you would expect. I've just set one of my
> machines here to log to the system log, and it appears that Windows is
> connecting FROM port 2695 TO port 139. I have no idea why it does this (if
> anyone out there does know, please share it with us!)

This is fairly typical of TCP communications. Consider the fact that the
Windows machine is likely listening for connections from others on port
139 already (if file sharing is enabled on that machine), so it could
cause confusion to try to connect with that port on outgoing
communication as well.
Also, on any system with intelligent security (most UN*Ces and I believe
the NT line) a non-root (admin) user can not establish connections on
ports below 1024 (these are "privileged" ports). Therefore, logging in
to a system as a "normal user" does not enable you to open a connection
from 139. Samba and the NT filesharing service both run as root/system
so they are able to establish listening ports on 139, but you don't want
to have everyone logging as root/admin. Most other communication
services run in the same manner, including ftp, mail, http, etc ...

Hope this helps some.

-Bill
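
Added example, not part of the original post: a small model of why a firewall rule for Samba has to key on the destination port rather than the source port. The `Rule` class and the `NAIVE` / `BY_DEST` rules are hypothetical illustrations, not any real firewall's syntax; the 2695 -> 139 connection is the one from the quoted log, and the loopback listener uses an OS-chosen port as a stand-in for 139.

```python
import socket
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:
    """Hypothetical allow rule: TCP port ranges on each side of a connection."""
    name: str
    src_ports: range
    dst_ports: range

    def allows(self, src_port: int, dst_port: int) -> bool:
        return src_port in self.src_ports and dst_port in self.dst_ports

ANY = range(0, 65536)
NETBIOS = range(137, 140)  # ports 137-139

# Rule written on the assumption that the client also uses 137-139 as source.
NAIVE = Rule("src 137-139 -> dst 137-139", NETBIOS, NETBIOS)
# Rule keyed on the listening port only; the source port is left open.
BY_DEST = Rule("src any -> dst 139", ANY, range(139, 140))

def observe_client_port() -> tuple:
    """Connect over loopback and return (client source port, server port).

    The listener binds to port 0 so the OS picks a free port; this stands in
    for 139, which an unprivileged process normally cannot bind.
    """
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as srv:
        srv.bind(("127.0.0.1", 0))
        srv.listen(1)
        server_port = srv.getsockname()[1]
        with socket.create_connection(("127.0.0.1", server_port)):
            conn, peer = srv.accept()  # peer = (client address, client port)
            conn.close()
            return peer[1], server_port

if __name__ == "__main__":
    # Constructed sample: the connection from the quoted log, 2695 -> 139.
    for rule in (NAIVE, BY_DEST):
        print(f"{rule.name}: allows 2695->139 = {rule.allows(2695, 139)}")
    src, dst = observe_client_port()
    print(f"loopback client connected from port {src} to port {dst}")
```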



