New
#91
This is an awesome discussion! so lively and rich!
When you block the settings at the adapter level, this is known as reducing your attack surface.
I suggest using Windows Firewall for BBC iPlayer and add an outbound inbound exception (rules can be overridden) for it while still adding the rules so the program can work. I do not depend on 3rd party paid software to do my bidding normally, but you should add the rules to Kaspersky and WF (I love Kaspersky).
According to: Port 137 (tcp/udp) :: SpeedGuide
Which is accurate.
137 tcp,udp NetBIOS NetBIOS Name Service (official) Wikipedia 137 tcp trojan Chode, Nimda Trojans 137 udp trojan Bugbear, Msinit, Opaserv, Qaz Trojans 137 tcp,udp netbios-ns NETBIOS Name Service IANA 137 tcp Chode [trojan] Chode Neophasis 137 tcp Qaz [trojan] Qaz Neophasis 137 udp Msinit [trojan] Msinit Neophasis 137 udp threat Femot Bekkoame 137 udp threat Msinit Bekkoame 137 tcp threat Chode Bekkoame
The NetBIOS Name Service is sent outbound from svchost.exe and is used by a numerous amount of malware, now including Petya.
It translate human readable names to IP addresses for IPv4 and is can be used across multiple protocols, however it may be safely disabled if you do not explicit use NetBIOS.