Basically, what you see is nmbd listening, supposedly.
It sounds like you will need a firewall to keep out requests on 137 and
138.
Joel
Bind interfaces only (G)
This global parameter allows the Samba admin to limit what interfaces on a
machine will serve SMB
requests. If affects file service smbd(8) and name service nmbd(8) in slightly
different ways.
For name service it causes nmbd to bind to ports 137 and 138 on the interfaces
listed in the
interfaces parameter. nmbd also binds to the "all addresses" interface
(0.0.0.0)
on ports 137 and 138 for the purposes of reading broadcast messages.
If this option is not set then nmbd will service
name requests on all of these sockets. If bind interfaces
only is set then nmbd will check the
source address of any packets coming in on the broadcast
sockets and discard any that don't match the broadcast addresses of
the interfaces in the interfaces parameter list.
As unicast packets are received on the other sockets it
allows nmbd to refuse to serve names to machines that
send packets that arrive through any interfaces not listed
in the interfaces list. IP Source address spoofing
does defeat this simple check, however so it must not be
used seriously as a security feature for nmbd.
On Sun, Sep 16, 2001 at 04:48:20PM -0500, eperez@consultant.com
wrote:>
> Hi people, i have some question about how to close udp ports in my
> smb.conf file. Here I go....
>
> I have the following in my smb.conf file:
> [global]
> bind interfaces only = true
> interfaces = eth0 lo
> socket address = 192.168.0.1 127.0.0.1
> host allow = 192.168.0. 127.0.0.1
>
> But doing netstat -n -all shows ports 137-138 udp listening in 0.0.0.0,
> how do
> i block these ports without using some firewall (iptalbes,ipchains) rules.
> Basically because i like to close everything manually before doing some
> firewalling rules.
> Im using Mandrake 8.0 w latest samba .
>
> Thanks people,
>
> Erick Perez
> Net Admin
>
>
>
> --
>
>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: http://lists.samba.org/mailman/listinfo/samba
