nanog mailing list archives
RE: Operational impact of filtering SMB/NETBIOS traffic?
From: Roeland Meyer <rmeyer () mhsc com>
Date: Sun, 19 Nov 2000 09:06:06 -0800
How closely have you looked at Samba sources? BTW, I've done it through SSH tunnels too. The problem is that some SAs (a fair large percentage) think that a port labeled "secure" (port 22) means that they have to take special care to make sure that it is blocked (yes, they are the recently lobotomized). So, three-quarters of the time, a VPN is not do-able and you are forced to go plain-text direct. If, in addition, you block the NetBIOS ports then you block application-level access for 80% of internet users.
-----Original Message----- From: Valdis.Kletnieks () vt edu [mailto:Valdis.Kletnieks () vt edu] Sent: Sunday, November 19, 2000 8:19 AM To: Roeland Meyer Cc: 'Scott Call'; nanog () nanog org Subject: Re: Operational impact of filtering SMB/NETBIOS traffic? On Sat, 18 Nov 2000 20:19:12 PST, Roeland Meyer <rmeyer () mhsc com> said:shares on the internet? We use SMB/Samba INSTEAD of NFSbecause we believeSMB to be more secure. smb.conf certainly gives moresecurity options thanexports does.Don't confuse "more options" with "more security". A protocol can have dozens of options, but yet be fundementally insecure. -- Valdis Kletnieks Operating Systems Analyst Virginia Tech
Current thread:
- RE: Operational impact of filtering SMB/NETBIOS traffic?, (continued)
- RE: Operational impact of filtering SMB/NETBIOS traffic? Joe Shaw (Nov 14)
- RE: Operational impact of filtering SMB/NETBIOS traffic? Roeland Meyer (Nov 18)
- Re: Operational impact of filtering SMB/NETBIOS traffic? Jim Mercer (Nov 18)
- RE: (Already happening) Operational impact of filtering SMB/NETBIOS traffic? Derrick (Nov 18)
- Re: (Already happening) Operational impact of filtering SMB/NETBIOS traffic? Dana Hudes (Nov 18)
- Re: Operational impact of filtering SMB/NETBIOS traffic? Jim Mercer (Nov 18)
- Re: Operational impact of filtering SMB/NETBIOS traffic? Shawn McMahon (Nov 19)
- Re: Operational impact of filtering SMB/NETBIOS traffic? Travis Pugh (Nov 19)
- Re: Operational impact of filtering SMB/NETBIOS traffic? Valdis . Kletnieks (Nov 19)
- RE: Operational impact of filtering SMB/NETBIOS traffic? Roeland Meyer (Nov 19)
- Re: Operational impact of filtering SMB/NETBIOS traffic? Jim Mercer (Nov 19)
- RE: Operational impact of filtering SMB/NETBIOS traffic? Roeland Meyer (Nov 19)
- Re: Operational impact of filtering SMB/NETBIOS traffic? Shawn McMahon (Nov 19)
- Re: Operational impact of filtering SMB/NETBIOS traffic? Adam Rothschild (Nov 20)
- ISPs as content-police or method-police Ehud Gavron (Nov 20)
- Re: ISPs as content-police or method-police Valdis . Kletnieks (Nov 20)
- RE: ISPs as content-police or method-police Christian Kuhtz (Nov 20)
- Re: ISPs as content-police or method-police Shawn McMahon (Nov 20)
- Re: ISPs as content-police or method-police Ben Browning (Nov 20)
- RE: ISPs as content-police or method-police Christian Kuhtz (Nov 20)
- Re: ISPs as content-police or method-police John Kristoff (Nov 20)
- Re: ISPs as content-police or method-police joshua stein (Nov 20)