Author Topic: nbname port 137  (Read 37382 times)

Offline gleach

  • Comodo Loves me
  • ****
  • Posts: 176
nbname port 137
« on: April 17, 2009, 12:28:20 PM »
hi,
   i recived a firewall alert, please see attachment, system is trying to connect to the internet, which cis belives is safe and should be allowed. wikipedia, however, says something entirely different. http://en.wikipedia.org/wiki/NBName   

so, is this a legitimate request or a DOS attack?
« The supreme art of war is to subdue the enemy without fighting. »
Sun Tzu

Offline Bad Frogger

  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 1511
Re: nbname port 137
« Reply #1 on: April 17, 2009, 12:42:06 PM »
Hi gleach,

NBName is a virus - nbname is a legitimate process.

google it without the caps. :)

Later
CIS    Firefox  NoScript  Please remember to follow The Forum Policy.

Offline HeffeD

  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 6827
Re: nbname port 137
« Reply #2 on: April 17, 2009, 12:50:48 PM »
nbname(137) is the port used for the netbios name service. (nbname) You can see both UDP and TCP traffic on port 137.

As the application trying to access the port is System and not NBName, it's legitimate.

Offline gleach

  • Comodo Loves me
  • ****
  • Posts: 176
Re: nbname port 137
« Reply #3 on: April 17, 2009, 01:57:20 PM »
i feel a little foolish, apparently im the victim of a typo and my own paranoia, thank you mr frogger and heffeD
« The supreme art of war is to subdue the enemy without fighting. »
Sun Tzu

Offline Bad Frogger

  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 1511
Re: nbname port 137
« Reply #4 on: April 17, 2009, 02:04:52 PM »
NP your welcome.

Fools don't ask when in doubt.
CIS    Firefox  NoScript  Please remember to follow The Forum Policy.

Offline HeffeD

  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 6827
Re: nbname port 137
« Reply #5 on: April 17, 2009, 02:08:49 PM »
As Bad Frogger said, it's never foolish to ask a question when you are unsure of something. :)

Offline Eloquent

  • Newbie
  • *
  • Posts: 1
Re: nbname port 137
« Reply #6 on: August 06, 2010, 05:58:22 AM »
 :-\ Terrible response. A port scan registered as a System process should be looked at even more suspiciously than any other.
I received this alert from 83. - Poland. Why in the world would I want to allow such traffic?
Consider taking more time to analyze issues in detail.

Offline Bad Frogger

  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 1511
Re: nbname port 137
« Reply #7 on: August 06, 2010, 03:52:48 PM »
The thread is over a year old.

Who said anything about a port scan?

Perhaps you could consider more attention also.

Bad
CIS    Firefox  NoScript  Please remember to follow The Forum Policy.

Offline worldwidewiretap

  • Comodo Loves me
  • ****
  • Posts: 160
  • noagendashow.com
Re: nbname port 137
« Reply #8 on: August 01, 2011, 05:31:16 PM »
Just to add on this.. My CIS will notify me of the same alert (nbnname port 137) also every time I boot up.  This port block usually happens on my XP systems when running through networks.  I found some interesting information on the subject of this port, along with 138, and 139, which according to the author of the articles I came across, Microsoft uses these ports for "the transport of their existing NetBIOS protocol over IP-based LAN and WAN networks. The horrors of insecurity resulting from Microsoft's exposure of their NetBIOS protocol to the Internet are legendary."

From my network configurations, this makes sense, and I prefer to block these ports, only because I do not share anything to or with any pc's, or phones, or pads, etc.. which connect to the network.. I simply block the port access upon each boot & I do NOT choose the remember my answer tab in the event I would actually like to share a file or printer with another device connected to the network.

Thats my 2 cents on the issue..

Related Article: http://www.grc.com/port_137.htm
« Last Edit: August 01, 2011, 05:34:47 PM by worldwidewiretap »

 

Seo4Smf 2.0 © SmfMod.Com | Smf Destek