[32325] in North American Network Operators' Group
Re: Operational impact of filtering SMB/NETBIOS traffic?
daemon@ATHENA.MIT.EDU (Shawn McMahon)
Sun Nov 19 07:55:22 2000
Date: Sun, 19 Nov 2000 07:53:09 -0500
From: Shawn McMahon <smcmahon@eiv.com>
To: nanog@merit.edu
Message-ID: <20001119075309.A4366@eiv.com>
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-md5;
protocol="application/pgp-signature"; boundary="zhXaljGHf11kAtnf"
Content-Disposition: inline
In-Reply-To: <47FE39302BF73B4C93BC84B87341282C1EF8@condor.lvrmr.mhsc.com>; from rmeyer@mhsc.com on Sat, Nov 18, 2000 at 08:19:12PM -0800
Errors-To: owner-nanog-outgoing@merit.edu
--zhXaljGHf11kAtnf
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
On Sat, Nov 18, 2000 at 08:19:12PM -0800, Roeland Meyer wrote:
>=20
> because we want shares. You are considering killing off a whole bunch of
> legitimate use because some are too brain-dead to not have unintentional
> shares on the internet?
There are other issues with Microsoft's networking protocols than just
unintentional shares. It leaks potentially lethal information like a sieve.
Letting it willy-nilly through your firewalls is an invitation to have
compromised hosts on your network.
It should be filtered by default, and only un-filtered by request; and that
with the understanding that if it even looks like you might be owned, you g=
et
cut off until there's an explanation.
--zhXaljGHf11kAtnf
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.1 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iD8DBQE6F801Ecl9bQ0RMt0RAqtDAKCiCSpxKwLdP3vG1UzeThxCb0v8RgCeIW5T
NDCVvIV2utTsGWGwqfRkg/Q=
=rKCg
-----END PGP SIGNATURE-----
--zhXaljGHf11kAtnf--
