RE: Blocking NetBios

["Bob Walton" <bob () itsecsystems com>]

Somehow or other this ended up on my desk and I believe my company may have
a security system that will cure all your ills by simply standing at the
edge of your network and running all communications thru it. Not only does
it set up a five layer firewall (I hate that word) but it also protects on
the LAN side by putting a wall between each box with in the network if you
will take the time to look at www.itsecsystems.com  I believe you will find
it exciting then look at www.itsecsystems.com/demo/welcome.html this is the
ultimate IT Professionals tool kit. Hope to hear from you.
Bob Walton
1-877-326-5990
bob () itsecsystems com   

-----Original Message-----
From: Doug Massey [mailto:doug () masseytechnologies com] 
Sent: Thursday, June 10, 2004 4:45 PM
To: Kareem Mahgoub
Cc: security-basics () securityfocus com
Subject: Re: Blocking NetBios

Depends upon the OS.  Win2K/XP you can turn off netbios in 
the network connection properties and disable he TCP netbios 
helper service.  If you are using AD, you can create an 
IPSEC policy to block those ports on all machines in the 
domain.  




---- Original message ----
> Date: Thu, 10 Jun 2004 11:21:03 +0300
> From: "Kareem Mahgoub" <kareem () thewayout net>  
> Subject: Blocking NetBios  
> To: <security-basics () securityfocus com>
>
> Hi list,
> I have a request from one of our clients to block NetBios 
in thier Network
> ( No one should be able to see the shared resources of 
others)
> I have googled around and all what I have found is blocking 
it on the edge
> communication equipment ( router, xDSL modemd..etc) Which 
will be done.
> The most important thing is to disable it internally ( 
inside the LAN)
> Any suggestions???
> Taking in consideration that there is  DHCP server for the 
clients ( If it
> can contribute in the Solution)
> Best Regards,
> Kareem Mahgoub
>
>
> ------------------------------------------------------------
---------------
> Ethical Hacking at the InfoSec Institute. Mention this ad 
and get $545 off 
> any course! All of our class sizes are guaranteed to be 10 
students or less 
> to facilitate one-on-one interaction with one of our expert 
instructors. 
> Attend a course taught by an expert instructor with years 
of in-the-field 
> pen testing experience in our state of the art hacking lab. 
Master the skills 
> of an Ethical Hacker to better assess the security of your 
organization. 
> Visit us at: 
> http://www.infosecinstitute.com/courses/ethical_hacking_trai
ning.html
> ------------------------------------------------------------
----------------
>
Doug Massey MCSE, CISSP
Massey Technologies, Inc.
301-717-6404

---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off 
any course! All of our class sizes are guaranteed to be 10 students or less 
to facilitate one-on-one interaction with one of our expert instructors. 
Attend a course taught by an expert instructor with years of in-the-field 
pen testing experience in our state of the art hacking lab. Master the
skills 
of an Ethical Hacker to better assess the security of your organization. 
Visit us at: 
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------



---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off 
any course! All of our class sizes are guaranteed to be 10 students or less 
to facilitate one-on-one interaction with one of our expert instructors. 
Attend a course taught by an expert instructor with years of in-the-field 
pen testing experience in our state of the art hacking lab. Master the skills 
of an Ethical Hacker to better assess the security of your organization. 
Visit us at: 
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------