Re: Strange PEER error with Dani's 506 1.81 generic question

Sir:

Mike Luther wrote:
Thanks Bill!

William L. Hartzell wrote:
Sir:

I started getting that report about two months ago on my P3 build machine upon its boot. It turn out that some how the firewall got enabled (smb over tcp)! After fixing that I still get the report, even though nothing is broken. I only can think that there is a timing issue in something that works itself out before I can check. I don't even know which machine is causing the report! The report dialog goes away on its own. Sorry that I can not make a suggestion as to what you need to do.

Interestingly, this box IS firewall enabled. Twice as fact, the machine itself has the Injoy firewall enabled as a software tool. As well, it is behind a ZyXel router which has the their internal hardware firewall enabled as well.

I don't as of now know what you mean by (smb over tcp) in the above. I'll dig into that to see what I can learn and as well, see what I can learn about whether that is enabled somehow in the Injoy software firewall on this box. I can 'disable' the Injoy firewall on this box. Have to do that to make MPTN changes on it, for example, then 're-enable' the Injoy firewall after that. I guess the first thing to do here is to try the 'disable', see if the report goes away. Then if so, 're-enable' the Injoy firewall and see if it stays away. See what I can learn here.

Thanks for your thoughts Bill .. and any others welcome too.

There is one other possibility and that is the local shared resources is/are not starting. I went onto that box just to find out and I discovered that I had disabled starting the local share when I switched over to using TCPbeui as it was the boot partition (I deleted the share and not seen the dialog in three boots today). SMB over TCP is TCPbeui, as in Netbios over TCP/IP. Firewalls only affects TCP/IP. If you are using NETbeui, aka Netbios, then the firewall is not part of the problem.
--
Bill
Thanks a Million!
.

Relevant Pages

  • Re: Code Red Doesnt care about TCP sessions?
    ... Code Red Doesn't care about TCP sessions? ... I also neglected to state that I've correlated this activity to firewall ... >> from the Web server before it sent it's ACK and then GET request. ...
    (Incidents)
  • Re: [Full-disclosure] 0trace - traceroute on established connections
    ... variety of different probes using both UDP and TCP layer-4 protocols. ... elicit ICMP "TTL exceeded" from hosts in the path, LFT can send TCP ... a tool to probe firewall ACLs; ...
    (Full-Disclosure)
  • Re: [Full-disclosure] 0trace - traceroute on established connections
    ... For example, rather than only launching UDP probes in an attempt to elicit ICMP "TTL exceeded" from hosts in the path, LFT can send TCP SYN or FIN probes to target arbitrary services. ... a tool to probe firewall ACLs; ...
    (Bugtraq)
  • Re: R2 DFS Replication failing
    ... Disabled the firewall and everything started magically working.. ... BTW: Found out the RPC patch is this one: ... System service name: DfsApplication protocol Protocol Ports ... NetBIOS Session Service TCP 139 ...
    (microsoft.public.windows.server.general)
  • Re: Monitor port Access(File Transfer Activity)
    ... Probably, just capture the activity on the control channel [TCP 21], since ... If your firewall does not permit this capability [and your firewall ...
    (microsoft.public.windowsxp.security_admin)