Author Topic: Blocking Port TCP 139 (Read 3946 times)

vvalentine · « **on:** 2003-08-13 01:51:53 »

Well, here is the problem. People in our school lab have been abusing the 'net send' command, making batch files to send a lot of spam to many computers. This hasn't gotten out of hand, but it can if we just let it go. One temporary solution that we did was disabling the messanger service in all computers, but anyone can enable them again. Plus it doesn't resolve the problem, it just hides it. Anyways, I gave the suggestion of blocking the TCP 139 port. However, we have a lot of applications and services that use TCP ports. I wanted to know from you guys (from experience or knowledge) if TCP 139 is of any necessity. We use Novell Netware to log-on to the network, and windows 2000/redhat 9.0.

Srethron Askvelhtnod · « **Reply #1 on:** 2003-08-13 03:38:35 »

According to this, Windows NT *can* also use TCP 139 for:
-Directory Replication
-File Sharing
-Logon Sequence
-Pass Through Validation
-Performance Monitor
-Printing
-Registry Editor
-Server Manager
-Trusts
-User Manager
-WinNT Diagnostics
-WinNT Secure Channel

The most adventurous thing to do is probably just to try disabling the port and see if it causes problems. Chances are, it'll work (if memory serves, some firewalls will even disable 139 automatically--I don't remember the port being that important.) But, if the network printer doesn't work anymore (or whatever), then, yeah, reenable the port and come up with something else.

atzn · « **Reply #2 on:** 2003-08-13 10:20:17 »

Haha speaking about the 'net send' command.... I've been abusing that in my old school too

(Esp. on my schoolfriends)

And the stupid administrators in my old school do not know how to stop it.

Jedimark · « **Reply #3 on:** 2003-08-13 10:53:33 »

You know it really pi*sed me off at Uni when I was playing a network game and some idiot net send'ed the workgroup and crashed my game. Then I learnt how to disable the Messenger service...

vvalentine, why can all the student's re-enable the service? They shouldnt have access to the Computer Management / Services console should they?

vvalentine · « **Reply #4 on:** 2003-08-13 11:53:09 »

Quote from: Jedimark

why can all the student's re-enable the service? They shouldnt have access to the Computer Management / Services console should they?

They have to, it's part of the "hand's-on" training. So many of the administrative features have to be available. Because of this, we have to re-image every single machine once a week. It's not all in their control though, there are some features that they definately don't have access to. For example stopping anti-virus programs is not possible for normal users.

Reno · « **Reply #5 on:** 2004-04-27 19:37:19 »

Netsend is teh pwnage, my friends and I used to make the batchfiles and time them so they start after we leave the room. >.>

Aaron · « **Reply #6 on:** 2004-04-27 23:41:47 »

Quote from: The Rules

Don't resurrect old topics. When people stop posting in a topic, it's usually a sign that everything of value has been said. Thus, if nobody's posted in a topic for more than a week or two, consider it dead and don't post in it (unless you have an important follow-up or question exactly on-topic, and the topic is still recent). If you post just a comment on something somebody said ... chances are no-one will care because it's been a while since everything was posted.

Don't wanna sound mean, but I gotta rant about the topic resurrection. Thanks.