On Sun, Jul 22, 2012 at 3:25 AM, lina <lina.lastn...@gmail.com> wrote: > > strangely my netstat showed my 139 and 445 ports are open. > > tcp 0 0 0.0.0.0:445 0.0.0.0:* LISTEN > tcp 0 0 0.0.0.0:139 0.0.0.0:* LISTEN > > Do I need specify > > -A INPUT -p tcp --dport 139 -j REJECT > > in iptables? > > For all INPUT has already set -P INPUT DROP, except open for 80, 443, 22,
If you're DROPping everything except 22/80/443, then the 139/445 LISTENs are useless because nothing can access them remotely; so you must not be using them and you may as well disable/uninstall samba. If I've misunderstood and you want to disable 139 and enable 445, you can. You'll then be accessing samba shares via smb-over-tcp rather than smb-over-netbios-over-tcp. You'll also have to use ip addresses to access samba shares unless you're running a dns server (or *if* - I have no idea whether this is feasible or logical - you run wins on 137 or 138, I've forgotten which it is). -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/CAOdo=SwHMZw5AOHbgR1CaTrpfQcXqn=swsrehg7vqxzxdoh...@mail.gmail.com
