[32322] in North American Network Operators' Group
Re: (Already happening) Operational impact of filtering SMB/NETBIOS traffic?
daemon@ATHENA.MIT.EDU (Dana Hudes)
Sun Nov 19 00:57:04 2000
Message-ID: <038401c051ed$46744d60$3d5cdcd1@hudes.org>
From: "Dana Hudes" <dhudes@hudes.org>
To: <nanog@merit.edu>
Date: Sun, 19 Nov 2000 00:55:09 -0500
MIME-Version: 1.0
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
Errors-To: owner-nanog-outgoing@merit.edu
VPN access would use more of the bandwidth more of the time than web =
surfing and e-mail.
More file transfers and of course SMB keepalives and maybe some nice =
DCOM broadcasts etc.
Personally I strongly prefer the use of a secure tunnel for access to a =
corporate network.
----- Original Message -----=20
From: "Derrick" <derrick@anei.com>
To: <nanog@merit.edu>
Sent: Sunday, November 19, 2000 3:04 AM
Subject: RE: (Already happening) Operational impact of filtering =
SMB/NETBIOS traffic?
>=20
> This is something I have already seen happen and the bad side of it.
>=20
> While working on a VPN project I came across many ISP's (mostly cable =
and
> DSL) who charged
> extra per month if you wanted to have VPN access to a remote network. =
We got
> several calls
> where New user A has setup the VPN software we gave them and they =
can't
> connect from home.
> Number one resolution was to call their ISP and move them to a =
"business
> account" where
> the ISP would then change their profile to allow IP Types other than =
just
> tcp and udp.
> It is for this reason that I am careful to only choose ISP's who =
either
> don't filter at all
> or who expressly detail their filtering policy before I use them. =
However in
> the case of Cable
> ISP's you can't always have a choice. So on that level I am against =
any
> filtering since it
> seems to have given many ISP's a new revenue stream for something they
> shouldn't really be
> charging extra for (IMHO).
>=20
> Derrick
>=20
> -----Original Message-----
> From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu]On Behalf Of
> Jim Mercer
> Sent: Saturday, November 18, 2000 8:49 PM
> To: Roeland Meyer
> Cc: 'Scott Call'; nanog@nanog.org
> Subject: Re: Operational impact of filtering SMB/NETBIOS traffic?
>=20
>=20
>=20
> On Sat, Nov 18, 2000 at 08:19:12PM -0800, Roeland Meyer wrote:
> > You are considering killing off a whole bunch of legitimate use =
because
> > some are too brain-dead to not have unintentional shares on the =
internet?
>=20
> well, maybe if there was a global filter on SMB then the brain-dead =
company
> that produces the brain-dead software will wake up and realize that =
maybe
> it shouldn't produce software that by default leaves their users open
> to intrusion or viruses.
>=20
> geez, if the filter was there, are you saying that people who _need_ =
SMB
> shares are too brain-dead to come up with a straight forward way to =
make
> it get around the filter?
>=20
> --
> [ Jim Mercer jim@reptiles.org +1 416 =
410-5633 ]
> [ Reptilian Research -- Longer Life through Colder Blood =
]
> [ Don't be fooled by cheap Finnish imitations; BSD is the One True =
Code. ]
>=20
