I personally would say 139 is a bucket of worms. If you've got it
right open from outside to in, it'll be fun. People can now establish
NetBIOS sessions with your internal computers. But if you only open it
from DMZ to internal, it's a bit more safe.
As for the other two, I don't know.
> Hello,
>
> I was hoping to get some quality answers from all you professionals out
> there about some ports I have been asked to open up on our firewall.
>
> We have a Watchguard Firebox II firewall connected to the Internet
> (External), the corporate LAN (Trusted) and our DMZ (Optional) which is
> locked down tight except for only the essential ports to allow the servers
> to do their job.
>
> The ports I have been asked to open are:
>
> 1494 - ICA
> 1604 - ICABrowser
> 139 - Netbios Session Service
>
> The is to allow a Citrix server in our DMZ to communicate back through to
> our corporate LAN (Trusted) to another Citrix server.
>
> Can you tell me if I'm about to open up a can of worms, or am I ok to open
> up these 3 ports?
>
> What is ICA and ICABrowser anyway? I asume its a Citrix related service?
>
> Please advise
>
> Regards
>
> Simon
>
>
>
> **********************************************************************
> If you are not the intended recipient of this e-mail and have received it
> in error, you are on notice that the e-mail and any attached files are
> confidential. Please notify us immediately by reply e-mail and then delete
> this message from your system. Please do not use, distribute, copy or
> take any action in reliance on it as to do so could be a breach
> of confidence. The sender does not accept any responsibility for any
> loss, disruption or damage to your data or computer system which may occur
> whilst using data contained in, or transmitted with, this e-mail. Thank
> you for your co-operation. If you need assistance, please contact
> Maritz Ltd - tel.: +44 (0)1628 486011 or e-mail: [EMAIL PROTECTED]
> **********************************************************************
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
>
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
