My Ubuntu server is running wild on public network and due to a previous setting on my firewall to let Samba traffic pass through, I had port 139 open to “any” network. And this can be seen from a common NMAP probe:
Obviously exposing file sharing service is a bad idea and I used below commands to restrict the Samba access to local network only:
sudo ufw allow from 192.168.0.0/24 to any app Samba
Then if I check the firewall settings by:
sudo ufw status verbose
I get below summary (remember also to delete the previous “allow in” rule regarding port 139)
Then I re-did an NMAP probe and successufully found out that port 139 is gone.
Leave a Reply