Found Something

[Kokanee]

Been having troubles with file sharing programs lately and was checking out all my software when I came across this in NIS2003 :

I checked out the IP's and they are from my own ISP!
WTF is all this about?? is this good/bad ??

[balamm]

Means you haven't got your system security configured properly. You should check out some sites on the subject and do a search for "hardening an operating system."

What you need to do first though is open network connections and click on tcp/ip and properties. Go to advanced. look for a WINS tab and open it. check the box that says "disable netbios over TCP". click OK on everything and then restart your system.

Ports 135-139 should never be open on most client computers. There are some legitimate uses for 135 so don't close it before you check. RPC may be using it along with some other programs but keep an eye on traffic on that port. If you don't do desktop sharing or connect to a lot of mac users, or need to share your printer on a network, then disable that filesharing shit in network connections too. It has nothing to do with actual filesharing, it refers to sharing windows files over the MSN network. One more backdoor for a script kiddie.

Grab a copy of Anti-Trojan and run the advanced menu to see what other ports you have open. Close things that should obviously be closed. You shouldn't find more than about ten listening ports on a tight system.

[Kokanee]

Thank balamm.
I found a site last night that walks you through a ton of security checks. Took me about an hour and a half maybe two but everything seems to be working great. NIS used to be getting a security Alert every hour or so and I havn't had one yet since the security overhaul. I didn't know my computer was left pretty much wide open like that. thanks again. I would reccomend to anyone to check out thier security flaws and harden thier OS.
Thanks again balamm.