[unisog] DNS queries from Windows clients for every udp/137 and udp/138 broadcast they hear?
reggers at ist.uwaterloo.ca
Wed Sep 28 13:48:23 GMT 2005
> Each of the affected machines is sending a two DNS lookups for every
> UDP broadcast packet it hears involving NetBIOS ports 137 or 138.
WINS is ancient history pre W2K -- we all ought to disable NetBIOS over
TCP/IP (that's called NBT) and not play that game any more. From the "WINS"
tab of Advanced TCP/IP Properties disable it. See also
That gets rid of all traffic on 137, 138 and 139 in favor of port 445.
BEWARE: you can do that on pretty much all systems. I suspect there may be
an impact of Samba clients who might expect NBT (that's a guess ... I
suspect pam_smb is really NBT and not really SMB on port 445).
More information about the unisog