[32353] in North American Network Operators' Group
Re: Operational impact of filtering SMB/NETBIOS traffic?
daemon@ATHENA.MIT.EDU (Mike Johnson)
Sun Nov 19 21:56:01 2000
Date: Sun, 19 Nov 2000 22:04:45 -0500
From: Mike Johnson <mike.johnson@isunnetworks.com>
To: "Stephen J. Wilcox" <steve@opaltelecom.co.uk>
Cc: nanog@merit.edu
Message-ID: <20001119220445.B1728@i-sun.net>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <Pine.LNX.4.10.10011192143010.12992-100000@rem.opaltelecom.co.uk>; from steve@opaltelecom.co.uk on Sun, Nov 19, 2000 at 09:49:46PM +0000
Errors-To: owner-nanog-outgoing@merit.edu
First, I want to apologize for my terms. I did not mean dial-up
accounts and customers. I'm talking about leased-line accounts.
Stephen J. Wilcox [steve@opaltelecom.co.uk] wrote:
> Since we started filtering netbios ports and packets directed to network
> or broadcast addresses from and to our modems our inbound abuse reports
> has virtually stopped.. and a look at the security logs shows hundreds of
> people simultaneously port scanning netbios ports. So far no one had
> complained about problems.. I dont think many people in reality use the
> internet for smb in its basic form, its normally businesses who might need
> it and assuming they're sensible they will be using vpn tunnels anyway.
[snip]
> Does that help you understand the argument, I think smb is a source of
> much hassle and is virtually never used legitimatly and better off blocked
> from our abuse mailbox point of view!
I do understand the argument better. Thanks to you and all the others
that responded.
However, I would like to understand if leased line (and co-lo) providers
also filter. I certainly can understand filtering dial-up customers,
but do y'all (or are y'all considering) doing any filtering on the
dedicated connection front? That's a general 'y'all' out to NANOG,
by the way.
Thanks for all the responses. I do have a better grasp on part of the
reasoning.
Mike
--
Mike Johnson
Network Engineer / iSun Networks, Inc.
Morrisville, NC
All opinions are mine, not those of my employer
