[Dshield] BEFSX41 and a lot of hits
hostmaster at denverdata.com
Wed Jan 21 19:52:34 GMT 2004
On Wednesday 21 January 2004 12:18 pm, Joseph Stahley 3rd wrote:
I use a BEFSR81 at home.
> I have experienced that as well..I also have a BEFSR41 (original model)
> running linksys firmware 1.45.7 July 31, 2003.I am also on Cox HSI. I am
> running 3 machines, 1 WIN2K pro, 2 WINXP Pro and I have all the updates
> installed on all machines. I was experiencing many many hits on ports
> 135,137,139,445 and 4662 among others. I am not using a firewall at this
> point as well.
I assume you mean an additional FW on the clients. It's a good idea for the
added protection. At least get ZoneAlarm, I believe there's a
> What I did was uninstall TCP/IPv6 and Microsoft File and
> Print Sharing, Used the high security template as my local policy and
> disabled under the linksys filters page Multicast, IPSEc and PPTP pass
> throughs.It seems the only ports I am having difficulties with now are
> 135,137 and 445. Over the past 3 hours port 135 has been probed 6 times,137
> has been probed 4 times and 445 probed 7 times, that is the only 3 ports I
> have incoming on now.
Assuming you don't want windows networking traffic going in or out of your
network, on the Filters page of your linksys:
* Enable "Block WAN Request" -- this setting blocks not only ICMP (pings)
but all UDP traffic, except what you have explicitly forwarded.
* Add the ports to the "Filtered Private Port Range" -- this is effectively
egress filtering by port. My current setup blocks 135-139, 445, 27374, 17300,
After you do the above, you will still get incoming traffic logged to these
ports, but the target host should be the IP of the public interface on your
linksys. This is the linksys way of saying the traffic was denied.
Also, if you use a tool to verify your linksys settings (e.g., nmap) you may
get different results if you scan from your private network, even if your
scanning the linksys public interface (this really freaked me out the first
time I did it).
More information about the list