IPv6 Firewall on CPEs - Default on or off
Phil Mayers
p.mayers at imperial.ac.uk
Wed Dec 5 21:31:10 CET 2012
On 12/05/2012 07:05 PM, Eric Vyncke (evyncke) wrote:
> OTOH, AFAIK Microsoft does not run netbios anymore (so no netbios
> over IPv6 hence no need to block 137-139)
>
Are you sure about this? The windows 7 machine I have here at home says
the same thing windows has said since w2k for "NetBIOS over TCP" in the
IP->adapter bindings - to honour the DHCP-supplied config for
NetBIOS-over-tcp, and to enable it if no setting is given or using
static IPs.
Certainly a windows 7 machine here at home listens on port 135 by
default. There's no port 139 listener, but I think that's because I've
got no shares published.
There are, of course, lots of devices that listen on 139 that aren't
windows machines (e.g. NASes) so I'd argue that 139 & 445 should be
treated equivalently.
More information about the ipv6-ops
mailing list