[32208] in North American Network Operators' Group
Re: Operational impact of filtering SMB/NETBIOS traffic?
daemon@ATHENA.MIT.EDU (Gary E. Miller)
Tue Nov 14 15:42:26 2000
Date: Tue, 14 Nov 2000 12:35:25 -0800 (PST)
From: "Gary E. Miller" <gem@rellim.com>
To: Scott Call <scall@devolution.com>
Cc: <nanog@nanog.org>
In-Reply-To: <Pine.LNX.4.10.10011141214480.15123-100000@roboto.devolution.com>
Message-ID: <Pine.LNX.4.30.0011141230080.14907-100000@catbert.rellim.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Errors-To: owner-nanog-outgoing@merit.edu
Yo Scott!
On Tue, 14 Nov 2000, Scott Call wrote:
> Due to an increasing number of intrusions into windows-based machines
> through unprotected shares, I've started filtering both incoming and
> outgoing traffic for our customers on ports 138/139.
I have had my upstream filter these ports on me before. They
get an angry call right away. I use SMB to mount remote shares,
do remote authentication and remote printing. Sure most people
do not know how to do this, but I have taught a lot of my
customers to do it. Road Warriors love it. They never want to
go back to the old ways.
I have worked at several ISPs that found the easiest way
to reduce the customer list was to start filtering. A lot of
folks do not complain, they just move on to another ISP.
A good compromise is to notify your customers that you are
providing the extra "service" and let them opt-out if they
choose.
RGDS
GARY
---------------------------------------------------------------------------
Gary E. Miller Rellim 20340 Empire Ave, Suite E-3, Bend, OR 97701
gem@rellim.com Tel:+1(541)382-8588 Fax: +1(541)382-8676
