nanog mailing list archives
RE: zotob - blocking tcp/445
From: "Church, Chuck" <cchurch () netcogov com>
Date: Tue, 16 Aug 2005 13:44:27 -0500
On Mon, 15 Aug 2005, Church, Chuck wrote:
'enterprise security folks' are probably not the issue... The factremainsthat lots of folks DO do this :( There are quite a few folks between 'consumer' and 'enterprise' that do all manner of dumb things on the Internet (where 'dumb' is equivalent to running smb shares across
the
public network minus encryption/ipsec). It's their choice to do that,andtheir network providers are expected/demanded to pass those packets
for
them.-ChrisSurely the ratio of 'useful' traffic compared to 'junk' for a
particular
protocol must be considered. What percentage of netbios entering a
on your piece of the network you can consider the ratio of pigs to birds, or good to bad traffic or phases of the moon, it's your network do what you will. I can say that if you have a vocal enough customer the blocks won't last very long, or the customer will find another network to connect to... *** Rules are going to be different for residential vs. business customers. Business customers who aren't on crack probably know better to block netbios in and out. But residential customers, I think you'll win more customers than lose by taking some proactive blocking measures.
service provider's edge is intentional? 1%? 0.1%? I'm guessing much less than that. If 5 or 6 nines worth of a particular protocol
entering
or leaving an ISP's network is unintentional, and highly susceptible
to
viral activity, isn't it in our best interest to block it? With
proper your best interest might be to do that sure... 'your network, your call'.
notification to subscribers and instructions on setting up
host-to-host
PPTP/whatever, blocking netbios can solve a large bunch of issues....
please send my instructions for host-to-host pptp that my grandmother can follow without help of techsupport. *** Well, if you grandmother is already familiar with mapping drives and modifying her lmhosts file.... :)
Current thread:
- RE: zotob - blocking tcp/445, (continued)
- RE: zotob - blocking tcp/445 Christopher L. Morrow (Aug 15)
- RE: zotob - blocking tcp/445 Erik Amundson (Aug 15)
- Re: zotob - blocking tcp/445 sthaug (Aug 16)
- Re: zotob - blocking tcp/445 William Warren (Aug 17)
- Re: zotob - blocking tcp/445 Andy Johnson (Aug 17)
- Re: zotob - blocking tcp/445 Daniel Senie (Aug 17)
- Re: zotob - blocking tcp/445 Petri Helenius (Aug 17)
- Re: zotob - blocking tcp/445 Christopher L. Morrow (Aug 17)
- Re: zotob - blocking tcp/445 Sane Jiri (Aug 16)
- Re: zotob - blocking tcp/445 MARLON BORBA (Aug 16)
- RE: zotob - blocking tcp/445 Church, Chuck (Aug 16)
- Re: zotob - blocking tcp/445 Valdis . Kletnieks (Aug 16)
- Re: zotob - blocking tcp/445 Christopher L. Morrow (Aug 16)
- Re: zotob - blocking tcp/445 Sean Donelan (Aug 16)
- Re: zotob - blocking tcp/445 Valdis . Kletnieks (Aug 16)
- Re: zotob - blocking tcp/445 Bill Nash (Aug 18)
- Re: zotob - blocking tcp/445 Andy Johnson (Aug 18)
- Re: zotob - blocking tcp/445 Peter Dambier (Aug 18)
- Re: zotob - blocking tcp/445 My Name (Aug 18)