Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Netbios ports showing up closed not stealth

    Scheduled Pinned Locked Moved General pfSense Questions
    6 Posts 4 Posters 713 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • G
      Grindey
      last edited by

      Hi ,is there a simple way of putting netbios ports on the outside (wan) in to a stealth mode.
      Even with block rules on the LAN and the wan they still show up as closed.See below

      I know this is not a security issue but it is annoying as I don't have any microsoft devices
      on my network or anything using samba

      file:///home/ian/downloads/Screenshot_2020-07-19 Firewall grindey co uk - Firewall Rules LAN.png
      file:///home/ian/downloads/Screenshot_2020-07-19 Firewall grindey co uk - Firewall Rules WAN.png

      GertjanG 1 Reply Last reply Reply Quote 0
      • PippinP
        Pippin
        last edited by

        @Grindey said in Netbios ports showing up closed not stealth:

        file:///home/ian/downloads/Screenshot_2020-07-19 Firewall grindey co uk - Firewall Rules LAN.png
        file:///home/ian/downloads/Screenshot_2020-07-19 Firewall grindey co uk - Firewall Rules WAN.png

        Gives "File not found"
        You ok there ;)

        Are you sure it's you who is responding to the scan?

        I gloomily came to the ironic conclusion that if you take a highly intelligent person and give them the best possible, elite education, then you will most likely wind up with an academic who is completely impervious to reality.
        Halton Arp

        1 Reply Last reply Reply Quote 0
        • G
          Grindey
          last edited by

          Sure cant see how to upload an image file ,now worked it out the rules are on the lan and the wan port

          Screenshot_2020-07-19 Firewall grindey co uk - Firewall Rules LAN.png Screenshot_2020-07-19 Firewall grindey co uk - Firewall Rules WAN.png

          1 Reply Last reply Reply Quote 0
          • B
            bigsy
            last edited by

            Are you sure this isn't your ISP blocking those ports? Mine does so they always show up as 'closed' on external scans - https://support.zen.co.uk/kb/Knowledgebase/Do-Zen-block-any-ports

            1 Reply Last reply Reply Quote 0
            • GertjanG
              Gertjan @Grindey
              last edited by

              @Grindey said in Netbios ports showing up closed not stealth:

              ,is there a simple way of putting netbios ports on the outside (wan) in to a stealth mode.
              Even with block rules on the LAN and the wan they still show up as closed

              Hi,

              When you installed pfSense, everything is blocked from the outside.
              So when you scan your WAN IP using a you like this, and it shows open or closed port, then your not hitting the pfSense WAN interface, but something placed in front of it, like your ISP router.

              No need to block Netbios traffic on the LAN side, as by definition this traffic isn't routed anyway.

              No "help me" PM's please. Use the forum, the community will thank you.
              Edit : and where are the logs ??

              1 Reply Last reply Reply Quote 0
              • G
                Grindey
                last edited by

                Thanks both, that is definitely what's happing, as like bigsy I have an account with Zen. So the answer to my question is no there is no simple way of making my ports stealth . Project abandoned.

                I tried adding rules to see if they would make any difference which they did not so I will remove them. The implicit deny rule I have added would stop anything internally using those ports anyway.

                I put an extra implicit deny rule in to monitor any network activity I was not expecting. I presume like most firewalls I have worked on there is an invisible deny rule anyway.

                Thanks for the help

                1 Reply Last reply Reply Quote 0
                • First post
                  Last post
                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.