LMAO! I totally agree with your assessment of networking details. After getting my first "real" firewall I decided to check out how networking works and about the ports and such. It didn't take me long to realize that it would take a lot of time to research that mess and it probably wouldn't even be too handy. So, I just learned about the basics and some commonly used ports and do google searches whenever I see a port I don't know. So for this I just googled "udp port 138" without the quotes. It appears that UDP ports 137, 138, and 139 are used for NetBIOS communications. I would think that most NetBIOS stuff can be blocked unless you are accessing one PC (or printer or other device) from another over your network. Here are a few links with more info: http://www.auditmypc.com/port/udp-port-138.asp http://www.grc.com/port_138.htm http://www.grc.com/port_137.htm BTW, there are two types of ports, UDP and TCP. I don't know the details (or care), but basically TCP is slower than UDP because it guarantees the data (and the order of packets). UDP is faster, because it doesn't check the data, so the program using that port will need to determine if the data is good. These differences are why games usually use UDP since a game would rather have a slight glitch from a lost packet, instead of the delay when TCP times out and resends the packet and verifies this new packet before you get the next packet. Oops! I'm getting off topic. Sorry. Ed -----Original Message----- From: pctechtalk-bounce@xxxxxxxxxxxxx [mailto:pctechtalk-bounce@xxxxxxxxxxxxx] On Behalf Of Gman Sent: Monday, June 08, 2009 8:08 PM To: pctechtalk@xxxxxxxxxxxxx Subject: -=PCTechTalk=- Re: Firewall Alert I don't know what IOW means, but many internal network connections are legitimate without being necessary. For instance, every network I've worked on appears to assume that it needs what is called a Master Browser, which is a single computer that gives out permissions for other connections. I don't fully understand the mechanism in use there, but a little research shows that this 'MB" designation can move from one computer to another within the network. So, if a computer sends out a call for the MB to answer and there's no MB manually assigned, the attempt fails, an error is generated within Event Viewer and nothing else seems to happen. These calls can trigger firewalls to block or ask you about them, but allowing/denying them has no effect since the automatically assigned MB doesn't seem to know what to do with the requests anyway. It's a very strange arrangement to me and I do wish I understood more about how it's supposed to work, but it's never given me enough reason to put it higher on my list of things to learn. Peace, Gman http://www.thevenusproject.com/index.php "The only dumb questions are the ones we fail to ask" ----- Original Message ----- From: "Dan Chisolm" <d0ct0rdan@xxxxxxxxxxx> To: <pctechtalk@xxxxxxxxxxxxx> Sent: Monday, June 08, 2009 7:53 PM Subject: -=PCTechTalk=- Re: Firewall Alert > > Periodically, I also get similar alerts. These alerts originate from > other computers in my house . . . one originates from a wired computer and > the other from a wireless laptop. > > This is rather interesting, considering that both computers from which the > alerts originate are on the same workgroup; however, the wired computer on > which the alert appears is on a different workgroup. Both workgroups use > the same router, however. Also, I notice that the alert from the wired > computer always always attempt to connect via UDP Port 138; while the > wireless computer attempts via UDP Port 137. I don't understand the > significance of UDP. > > The alerts are generated and denied by CA Security Suite, which > automatically denies connection, without any known consequences. I do > wonder what would happen if I did not have the Security Suite. IOW, would > the WinXP firewall have blocked the connection? > > Thanks. > > ~ Dan --------------------------------------------------------------- Please remember to trim your replies (including this sentence and everything below it) and adjust the subject line as necessary. To subscribe, unsubscribe or modify your email settings: //www.freelists.org/webpage/pctechtalk OR To subscribe to the mailing list, send an email to pctechtalk-request@xxxxxxxxxxxxx with "subscribe" in the Subject. To unsubscribe send email to pctechtalk-request@xxxxxxxxxxxxx with "unsubscribe" in the Subject. To access our Archives: http://groups.yahoo.com/group/PCTechTalk/messages/ //www.freelists.org/archives/pctechtalk/ To contact only the PCTT Mod Squad, write to: pctechtalk-moderators@xxxxxxxxxxxxx To join our separate PCTableTalk off-topic group, send a blank email to: pctabletalk+subscribe@xxxxxxxxxxxxxxxx --------------------------------------------------------------- --------------------------------------------------------------- Please remember to trim your replies (including this sentence and everything below it) and adjust the subject line as necessary. To subscribe, unsubscribe or modify your email settings: //www.freelists.org/webpage/pctechtalk OR To subscribe to the mailing list, send an email to pctechtalk-request@xxxxxxxxxxxxx with "subscribe" in the Subject. To unsubscribe send email to pctechtalk-request@xxxxxxxxxxxxx with "unsubscribe" in the Subject. To access our Archives: http://groups.yahoo.com/group/PCTechTalk/messages/ //www.freelists.org/archives/pctechtalk/ To contact only the PCTT Mod Squad, write to: pctechtalk-moderators@xxxxxxxxxxxxx To join our separate PCTableTalk off-topic group, send a blank email to: pctabletalk+subscribe@xxxxxxxxxxxxxxxx ---------------------------------------------------------------