Windows desktops generating unnecessary(?) network traffic

0 pts.
Tags:
Microsoft Windows
Networking
We have Windows desktops with XP SP2 installed. We have servers on the network but they are not Windows servers. One of the Windows desktops produces many broadcasts to _._._.255 on port 137. We have tried disabling file and print sharing and master browser but neither has helped. Our first question is what is generating this traffic and how do we turn it off. Our second question is that many (but not all) of the other desktops are generating many packets aimed at one of our non-windows servers using port 135. We also want to know what is generating this traffic and if we can safely turn it off on the desktop. Thanks in advance.
ASKED: April 12, 2005  11:01 AM
UPDATED: April 12, 2005  1:02 PM

Answer Wiki

Thanks. We'll let you know when a new response is added.

That’s NetBIOS name resolution. Here’s a link:

http://www.seifried.org/security/ports/0/137.html

Could be difficult switching it off if you’re using Samba for file servers. I know you can allegedly turn it off in a purely later Windows environment but not sure about cross-platform compatibility.

Discuss This Question: 2  Replies

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
  • Tmac24
    Windows port 137 is used for netbios name resolution. If you are seeing a large number of outgoing packets this could be an indication of a worm. Have you ran a virus scan on that machine? I would also recommend using some sort of spyware on that machine. Spybot works well. You may want to run more than one spyware program on the box...one never seems to do the trick. You can also try disabling Netbios. Port 135 run MS RPC service. There is a known ms exploit http://www.microsoft.com/technet/security/bulletin/MS03-026.mspx Make sure you have downloaded the lates security updates from MS.
    0 pointsBadges:
    report
  • Ghigbee
    Could it be Univeral Plug and Play?
    0 pointsBadges:
    report

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Thanks! We'll email you when relevant content is added and updated.

Following