I noticed that while trying to assess my system's ports, even on a newly intalled machine, port 137, 138, and 139( [img]images/smiles/icon_sad.gif ) are always open. What are these ports used for and are they a potential threat. My theory is that it is a possible back door for Gates and his staff. [img]images/smiles/icon_wink.gif
Those ports you mentioned are used by the TCP/IP protocol for Netbios communications.
Putting it in simple terms, using these ports, windows machines can talk to each other and transfer data.
If your on a network at home and your talking to other machines, you need these ports open. If this is a stand alone pc, you can use a 3rd party firewall program e.g Zonealarm to close them up [img]images/smiles/icon_smile.gif
The way to disable the ports is to not enable Client for Microsoft Networks and File and Print sharing. I know on the new XP it comes pre-enabled but if you were to disable it you will notice the ports close.
Another solution is to disable Netbios over TCP (2000 and XP only)
Just see for yourself
NOTICE the netbios entry
Now open your TCP/IP Properties-->Advanced-->WINS
There disable Netbios over TCP.
Now take a look again with netstat -A
John Bruijntjes MCSE /CCNA
Message for LXS (see earlier posting).....everyone needs a change to learn so if you are so smart go ahead and answer some questions...answer them wrong and i flame you like hell!!! [img]images/smiles/icon_mad.gif
The solution is very easy, just type in services.msc into the command prompt and disable the services you don't want running. There is a port tied to each service.
If you arent familiar with all the services, take a trip to
and familiarize yourself with each one. You would be surprised at how many you can disable and still maintain functionality. [img]images/smiles/icon_smile.gif
I usually boot up with only 15 or 16 services at any one time.