Home page logo
/

nanog logo nanog mailing list archives

Re: UDP port 137 Question
From: Melody Yoon <melodyy () best com>
Date: Tue, 6 Jan 1998 12:17:47 -0800 (PST)

On Tue, 6 Jan 1998, Bryce Ryan wrote:
[cut]
who was it that said, "never attribute to malice what can be explained by
stupidity?"

no clue, but I like the quote. :)

we run a web farm and see requests directed at port 137 all the time on
the web sites we host.  i don't know for certain, but i assume it is
some sort of internet explorer "feature" that is attempting to establish
a CIFS connection to the web site.  we ignore them anyway. 

Hi Bryce. That's a possibility which I had not thought of.. However, to
test it, I ran Explorer on some machines here (including IE4.0 for Sparc)
and directed it my workstation here which is running apache. I've got
snoop running monitoring port 137, and so far, I've gotten no hits from
the machines running IE4 that are specifically directed to my Sparc (as
per the scenario from the original poster). Due to the way our network is
configured here, I don't have the ability to go over a router (we're on a
Cat5k switch).

Could someone out there do a similiar test and double check my methods and
see if I just did something wrong? :)

mel

Melody Lynn Yoon      melodyy () best com              | Graduate - '97 MSF
Senior SA - Taos Mountain Software, Santa Clara, CA | NRA Member
-- I do not accept commercial, unsolicited email
-- http://www.best.com/~melodyy/spam.policy.html



  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]