Greetings all,
I have a Netgear ProSafe VPN/Firewall between my internal systems and my
cable modem. It has it's intrusion detection feature enabled, and is set up
to e-mail me logs every day. I've noticed that the majority of the log files
have entries similar to the one below.
Sun, 10/27/2002 06:48:35 - UDP packet dropped - Source:218.153.236.89, 1026,
WAN - Destination:65.32.27.159, 137, LAN - 'Suspicious UDP Data'
What I've noticed is that the port is almost always port 137. I looked it up
and it is usually reserved for the nbname protocol.
What exactly is the nbname protocol? I don't believe I have nbname running
on any of my systems, can I redirect the port or do something else so that
my logs aren't flooded with these entries? Or can these entries be serious
threats that I need to keep track of?
All help is appreciated.
Thanks,
JB
This archive was generated by hypermail 2.1.3 : Fri Aug 01 2014 - 17:09:39 EDT