SSH is an exception, but what about TCP port 445? Sometimes you need to ad the port as an exception. (At least it has been my experience that it tends to behave this way at time)
Also, did you do a "netstat -an" to enumerate all you listening and connected ports (pre ssh tunnel)?
Armand Welsh
--------------------------
Sent from my BlackBerry Wireless Handheld
----- Original Message -----
From: ssh@erdelynet.com <ssh@erdelynet.com>
To: ssh@erdelynet.com <ssh@erdelynet.com>
Sent: Fri Dec 14 16:40:07 2007
Subject: Re: Vista patch breaks forwarding of port 445?
Firewall is on with ssh as an exception, so not an issue. Nothing appeared to be changed on the loopback adapter and it had been working great for weeks before installing the patch. Additionally, I was still able to forward port 80 on it, just not port 445!
----- Original Message ----
From: "Welsh, Armand" <Armand.Welsh@sscims.com>
To: ssh@erdelynet.com
Sent: Friday, December 14, 2007 3:28:44 PM
Subject: RE: Vista patch breaks forwarding of port 445?
And, I'm sure you have already checked, but just to be complete, did you ensure that the personal firewall is completely disabled on the loopback interface?
________________________________
From: ssh@erdelynet.com [mailto:ssh@erdelynet.com] On Behalf Of Mike
Sent: Friday, December 14, 2007 2:27 PM
To: ssh@erdelynet.com
Subject: Re: Vista patch breaks forwarding of port 445?
That was one of the first things I checked and it wasn't selected. I even tried a "telnet 10.0.0.222 445" and got no response, so there's nothing listening on that port, yet Vista won't let me use it. Did Microsoft break this intentionally to make SMB "safer?" I'd like to know if anyone else can reproduce the problem so I can be sure it's not unique to my machine.
----- Original Message ----
From: "Welsh, Armand" <Armand.Welsh@sscims.com>
To: ssh@erdelynet.com
Sent: Friday, December 14, 2007 7:53:49 AM
Subject: RE: Vista patch breaks forwarding of port 445?
After applying the patches, check that the patch did not bind the microsoft client service to the loopback adapter. If it did, then you won't be able to bind to port 445, because the microsoft networking client service is already listening on the port. When creating a loopback interface to use only this type of purpose, you should disable (or remove) all services, leaving only the TCP/IP protocol, and nothing else. This will ensure you have a wide open interface, ready for 3rd party software bindings.
Armand
________________________________
From: ssh@erdelynet.com [mailto:ssh@erdelynet.com] On Behalf Of Mike
Sent: Friday, December 14, 2007 6:49 AM
To: ssh@erdelynet.com
Subject: Vista patch breaks forwarding of port 445?
Yesterday I installed the latest set of Vista patches from Microsoft Update. I also made a few other changes, like turning off User Account Control. Immediately before this I was able to forward port 445 using "ssh -L 10.0.0.222:445:localhost:445 user@server" where 10.0.0.222 is a loopback adapter in Windows. After installing the patches I got an error message saying port 445 could not be forwarded. So I used Windows Restore to rollback the patches and everything worked correctly again. Looking through the patches I'd just installed I found this one addressing a SMB vulnerability:
http://www.microsoft.com/technet/security/bulletin/ms07-063.mspx
I'm guessing it was this one that screwed up the port forwarding. Has anyone else ran into this issue?
________________________________
Be a better friend, newshound, and know-it-all with Yahoo! Mobile. Try it now. <http://us.rd.yahoo.com/evt=51733/*http://mobile.yahoo.com/;_ylt=Ahu06i62sR8HDtDypao8Wcj9tAcJ%20>
________________________________
Be a better friend, newshound, and know-it-all with Yahoo! Mobile. Try it now. <http://us.rd.yahoo.com/evt=51733/*http://mobile.yahoo.com/;_ylt=Ahu06i62sR8HDtDypao8Wcj9tAcJ%20>
________________________________
Never miss a thing. Make Yahoo your homepage. <http://us.rd.yahoo.com/evt=51438/*http://www.yahoo.com/r/hs>
.+-"wiur\o�.+-�!iur\oڭb�N'rxƢf,�˛mur\
Received on Fri Dec 14 20:47:16 2007