Print

Welcome to Smokey's Security Forums.

Guests have only limited access to the board and it's features, please consider registering to gain full access!

Registration is free and it only takes a few moments to complete.

Please login or register.
1 Hour 1 Day 1 Week 1 Month Forever
Login with username, password and session length

[xaoc]

Here is my set of rules for windows file sharing:

Code: [Select]

<config>
    <export>
        <table action="continue" id="24" name="System">
            <rule type="7" action="accept" name="netbios-ns out">
                <event value="0x200" />
                <protocol value="0x00000002" />
                <remote_addr group="lan" />
                <remote_port value="137" />
            </rule>
            <rule type="7" action="accept" name="netbios-ns in">
                <event value="0x400" />
                <protocol value="0x00000002" />
                <remote_addr group="lan" />
                <local_port value="137" />
            </rule>
            <rule type="7" action="accept" name="netbios-dgm out">
                <event value="0x200" />
                <protocol value="0x00000002" />
                <remote_addr group="lan" />
                <remote_port value="138" />
            </rule>
            <rule type="7" action="accept" name="netbios-dgm in">
                <event value="0x400" />
                <protocol value="0x00000002" />
                <remote_addr group="lan" />
                <local_port value="138" />
            </rule>
            <rule type="7" action="accept" name="netbios-ssn out">
                <event value="0x2" />
                <protocol value="0x00000002" />
                <remote_addr group="lan" />
                <remote_port value="139" />
            </rule>
            <rule type="7" action="accept" name="netbios-ssn in">
                <event value="0x1" />
                <protocol value="0x00000002" />
                <remote_addr group="lan" />
                <local_port value="139" />
            </rule>
            <rule type="7" action="accept" name="microsoft-ds in">
                <event value="0x2" />
                <protocol value="0x00000002" />
                <remote_addr group="lan" />
                <remote_port value="445" />
            </rule>
            <rule type="7" action="accept" name="microsoft-ds out">
                <event value="0x1" />
                <protocol value="0x00000002" />
                <remote_addr group="lan" />
                <local_port value="445" />
            </rule>
        </table>
    </export>
</config>
(group "lan" contains ip's from my local network)
(we must jump to this rule table with application value="System")
Rule table is attached to the post

If anybody has another ruleset for ms file sharing - you are welcome