Welcome to Smokey's Security Forums.
Guests have only limited access to the board and it's features, please consider registering to gain full access!
Registration is free and it only takes a few moments to complete.

Smokey's Security Forums

Please login or register.

Login with username, password and session length
Advanced search  

News:

Smokeys is looking for 'Updaters.
If you have  knowledge of Updates or a willingness to learn, please send  'Starbuck' or 'Tinker' a PM with your details.
Thanks.

OTL Log Analysis and Malware Removal - Qualified PC Disinfection & Cleaning - Microsoft Security Info & Alert Center - Official Jetico Inc. Support Forums

Share this topic on FacebookShare this topic on MySpaceShare this topic on Del.icio.usShare this topic on DiggShare this topic on RedditShare this topic on StumbleUponShare this topic on TwitterAuthorTopic: JPF2 and NetBios file sharing  (Read 1278 times)

0 Members and 1 Guest are viewing this topic.

xaocTopic starter

  • Full Member
  • **
  • Offline Offline
  • Posts: 48
JPF2 and NetBios file sharing
« Reply #1 on: October 18, 2008, 07:45:30 PM »
Here is my set of rules for windows file sharing:
Code: [Select]
<config>
    <export>
        <table action="continue" id="24" name="System">
            <rule type="7" action="accept" name="netbios-ns out">
                <event value="0x200" />
                <protocol value="0x00000002" />
                <remote_addr group="lan" />
                <remote_port value="137" />
            </rule>
            <rule type="7" action="accept" name="netbios-ns in">
                <event value="0x400" />
                <protocol value="0x00000002" />
                <remote_addr group="lan" />
                <local_port value="137" />
            </rule>
            <rule type="7" action="accept" name="netbios-dgm out">
                <event value="0x200" />
                <protocol value="0x00000002" />
                <remote_addr group="lan" />
                <remote_port value="138" />
            </rule>
            <rule type="7" action="accept" name="netbios-dgm in">
                <event value="0x400" />
                <protocol value="0x00000002" />
                <remote_addr group="lan" />
                <local_port value="138" />
            </rule>
            <rule type="7" action="accept" name="netbios-ssn out">
                <event value="0x2" />
                <protocol value="0x00000002" />
                <remote_addr group="lan" />
                <remote_port value="139" />
            </rule>
            <rule type="7" action="accept" name="netbios-ssn in">
                <event value="0x1" />
                <protocol value="0x00000002" />
                <remote_addr group="lan" />
                <local_port value="139" />
            </rule>
            <rule type="7" action="accept" name="microsoft-ds in">
                <event value="0x2" />
                <protocol value="0x00000002" />
                <remote_addr group="lan" />
                <remote_port value="445" />
            </rule>
            <rule type="7" action="accept" name="microsoft-ds out">
                <event value="0x1" />
                <protocol value="0x00000002" />
                <remote_addr group="lan" />
                <local_port value="445" />
            </rule>
        </table>
    </export>
</config>
(group "lan" contains ip's from my local network)
(we must jump to this rule table with application value="System")
Rule table is attached to the post

If anybody has another ruleset for ms file sharing - you are welcome
 

* Permissions
You can't post new topics.
You can't post replies.
You can't post attachments.
You can't modify your posts.
 BBCode Enabled
Smilies Enabled
[img] Enabled
HTML Disabled


Except where otherwise stated, all content Copyright © 2006 - 2010 Smokey Services™ -- All rights reserved

Surf Smokey's with confidence: all external links in posts are checked and rated by WOT - Web of Trust
Security Knowledge-, Alert- & News Center and Comprehensive Microsoft Windows Information & Download Center
Board- and databases search functions and the download of post attachments are only available to registered board members

    


==>Think your PC is infected? Click here for OTL Log Analysis and Malware Removal Assistance<==


Smokey's Security Forums provide full qualified OTL Log Analysis & Cleaning Services
OTL (formerly OTListIt2) by OldTimer is a sophisticated, comprehensive log analysis tool to clean PCs with malicious content

Microsoft Security Info & Alert Center - most recent, real-time released Microsoft Security Bulletins, Alerts, Advisories and Vulnerabilities:
<div style="background-color: none transparent;"><a href="http://www.rsspump.com/?web_widget/rss_widget" title="rss widget">Rss widget</a></div>