NetBIOS port probe
advICE :Intrusions : 2003009

Summary

Someone is scanning your system to see if they can get at your files.

Details

The "NetBIOS" service is used for Windows "File and Print Sharing". If you enable this feature, you can share files (and even your printer) with friends across the Internet.

However, this feature is very dangerous for two reasons.

• It is very easy to accidentally share files without a password, accidentally giving anybody/everybody on the Internet access to them.
• It is easy to accidentally expose your entire hard-drive, giving everyone on the Internet the capability to complete control your machine.
• Even if you put passwords on the 'shares', a hacker can run a "password grinding program against it, trying all combinations until they get in.
• In some versions of Windows, hackers can break into the system through this feature even if you have passwords.

Defense

Disable File and Print Sharing on your computer.

However, if you do choose to leave it enabled, the product will still provide some protection. While it cannot protect you if you put no passwords on your shares, it can detect and block attempts to crack your password or exploit obscure bugs in the system.

parametric information port This indicates the TCP port that was probed. reason The reason for the port probe. Firewalled: the incoming TCP SYN or UDP frame was stopped by the firewall. RSTsent: the incoming TCP SYN frame was rejected by the computer. ICMPsent: the incoming UDP frame was rejected by the computer. NOanswer: there was no response to the incoming SYN frame.

 
Version appeared: 2.5