I’ve recently switched to a new computer, running Windows 11. This is what I’ve been noticing on the first serious day of use:
Every now and then, the system seems to graciously send out packets to port 137 to external IPs. How is this possible? It makes me feel Windows 7 was more secure. The above example was after I added a custom rule to block this so it’s blocked. But before that, it was “allowed”, and in return the external IP responded with ICMPv4 “destination unreachable”.
UDP 137 traffic is Windows NetBIOS protocol. It is used for File and Printer sharing. It shouldn’t be allowed outside a LAN. Are you connected to a router or just straight into the ISP’s modem?
I know it’s for sharing. That’s why I’m asking. I’m behind router/firewall. It seems like it’s trying to reach IPs from other activities (browsing etc.).
Hi Max2015,
Thank you for reporting, CIS v12.2.2.8012 is released to be compatible only with win 7, 8 & 10.
However, may i know exactly what you did and what happened?
Are you using CIS/CFW ?
Thanks
C.O.M.O.D.O RT
Found the culprit. There’s an “obscure” setting which I completely forgot about in all these years. I had to disable “NetBIOS over TCP/IP” for the ethernet adapter. It’s clean now.
