Security Basics mailing list archives
Re: Blocking NetBios
From: Ansgar -59cobalt- Wiechers <bugtraq () planetcobalt net>
Date: Fri, 11 Jun 2004 03:08:53 +0200
On 2004-06-10 Kareem Mahgoub wrote:
I have a request from one of our clients to block NetBios in thier Network ( No one should be able to see the shared resources of others)
Not sure if I understand this correctly. If noone should see the shared resources, then why are they sharing them? Should only selected computers be able to access a resource? Or do they want to prevent computers administrated by third parties from sharing resources?
I have googled around and all what I have found is blocking it on the edge communication equipment ( router, xDSL modemd..etc) Which will be done. The most important thing is to disable it internally ( inside the LAN) Any suggestions???
Is invisibility of the shares sufficient or should (blind) access also be prevented? The former can easily be achieved by appending a "$" to the share's name (WHATEVER$ instead of WHATEVER). For the latter you will have to use managed switches to block traffic at least from and to ports 137-139 (both TCP and UDP). For Direct SMB you will have to block port 445 as well. Another option may be setting file- and/or share-ACLs on each computer appropriately. What exactly are they trying to accomplish, if I might ask? Regards Ansgar Wiechers --------------------------------------------------------------------------- Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off any course! All of our class sizes are guaranteed to be 10 students or less to facilitate one-on-one interaction with one of our expert instructors. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. Visit us at: http://www.infosecinstitute.com/courses/ethical_hacking_training.html ----------------------------------------------------------------------------
Current thread:
- Re: Alternative to Windows Explorer, (continued)
- Re: Alternative to Windows Explorer atarata () internode on net (Jun 07)
- RE: Alternative to Windows Explorer Halverson, Chris (Jun 07)
- Re: Alternative to Windows Explorer Brad Germany (Jun 08)
- Re: Alternative to Windows Explorer steve (Jun 09)
- ACL in Linux Marcelo Leão Caffaro (Jun 09)
- Blocking NetBios Kareem Mahgoub (Jun 10)
- RE: Blocking NetBios Glen L. Bowes (Jun 11)
- RE: Blocking NetBios whirlow (Jun 14)
- RE: Blocking NetBios David Gillett (Jun 11)
- Re: Blocking NetBios Ryan King (Jun 11)
- Re: Blocking NetBios Ansgar -59cobalt- Wiechers (Jun 15)
- Re: Alternative to Windows Explorer Brad Germany (Jun 08)
- RE: ACL in Linux Michael LaSalvia (Jun 11)