blocked port
Christopher R. Hertel
crh at nts.umn.edu
Wed Jun 7 16:08:53 GMT 2000
In the US, @Home provides service via cable TV connections. Cable, by
its very nature, is a broadcast medium.
Many cable customers had Windows boxes. As you know, Windows boxes do not
need a system administrator. They run perfectly out-of-the-box. Urq?
Seems, though, that lots of vendors ship Windows boxes with file sharing
turned on. Also, lots of folks like to share files with other systems in
their homes. Thus, W/95 and W/98 systems in homes are likely to have
unprotected shares available.
See the problem? Cable modems are a broadcast medium, and there are
unprotected shares under NetBIOS (which announces services via broadcast).
This brought a whole new meaning to the term "Network Neighborhood".
People were storing files on their neighbor's machines, taking a look at
bank records, etc.
As a result, cable providers commonly block the NBT service ports: 137,
138, and 139.
This is a *good thing*. You really don't want to be sharing services with
other folks in your cable neighborhood. Really.
However, it does cause a few problems if you are trying to share files
with a remote machine. My recommendation is this:
1) The remote machine should not be made available over the Internet
anyway. I see scans for these ports almost every day on my cable
modem connection. I have an at-home firewall just in case. Your
remote server should also be protected by a firewall.
2) Use PPTP to build a VPN connection between your home network and the
remote server. The VPN tunnel will allow you to open these ports
without trouble. It also requires that you authenticate before
bringing up the link, thus preventing evil nasties from getting to
your remote server (which is behind a firewall).
PPTP is not the best protocol for this kind of thing, but it is probably
the easiest to set up in your situation.
Hope that helps.
Chris -)-----
[Charset iso-8859-1 unsupported, filtering to ASCII...]
> I think I have discovered why many of the tests fail between my server and
> my pc.
>
> It appears that port 139 is blocked between my server and my PC. I am using
> the @home network and VPN. Has anyone heard of this happening before, and if
> so, how do you 'fix' it.
>
> I changed my services file on my pc, but a netstat -na shows that 139 is
> still listening. I have searched the registry and all my ini files, but
> there is no port 139.
>
> Ron
>
--
Christopher R. Hertel -)----- University of Minnesota
crh at nts.umn.edu Networking and Telecommunications Services
Ideals are like stars; you will not succeed in touching them
with your hands...you choose them as your guides, and following
them you will reach your destiny. --Carl Schultz
More information about the samba-technical
mailing list