RE: Blocking NetBios

["Brunner, Mark" <MBrunner () tor fasken com>]

This could be done by installing a Personal Firewall package on each workstation.
New ones, Like Symantec's products, let you set "personalities" (standard configurations) up in advance and push 
updates to policy to the clients from a central console.


Cheers!

Mark Brunner
Security Manager
Fasken Martineau DuMoulin LLP
Barristers & Solicitors
Patent & Trade Mark Agents
Toronto, Ontario
http://www.fasken.com

This communication is solicitor/client privileged and contains
confidential information intended only for the person(s) to whom it is
addressed. Any unauthorized disclosure, copying, other distribution of
this communication or taking any action on its contents is strictly
prohibited. If you have received this message in error, please notify us
immediately and delete this message without reading, copying or
forwarding it to anyone.
-----Original Message-----
From: David Gillett [mailto:gillettdavid () fhda edu]
Sent: Thursday, June 10, 2004 5:34 PM
To: 'Kareem Mahgoub'; security-basics () securityfocus com
Subject: RE: Blocking NetBios


  Recent IOS-based Cisco switches include an ability to apply
access lists to filter traffic between switch ports within a
VLAN.  Your client may have to replace some hardware to get
this feature, but it's available if they want it badly enough.

David Gillett

> -----Original Message-----
> From: Kareem Mahgoub [mailto:kareem () thewayout net]
> Sent: Thursday, June 10, 2004 1:21 AM
> To: security-basics () securityfocus com
> Subject: Blocking NetBios
>
>
> Hi list,
> I have a request from one of our clients to block NetBios in
> thier Network
> ( No one should be able to see the shared resources of others)
> I have googled around and all what I have found is blocking
> it on the edge
> communication equipment ( router, xDSL modemd..etc) Which
> will be done.
> The most important thing is to disable it internally ( inside the LAN)
> Any suggestions???
> Taking in consideration that there is  DHCP server for the
> clients ( If it
> can contribute in the Solution)
> Best Regards,
> Kareem Mahgoub

---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off 
any course! All of our class sizes are guaranteed to be 10 students or less 
to facilitate one-on-one interaction with one of our expert instructors. 
Attend a course taught by an expert instructor with years of in-the-field 
pen testing experience in our state of the art hacking lab. Master the skills 
of an Ethical Hacker to better assess the security of your organization. 
Visit us at: 
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------


---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off
any course! All of our class sizes are guaranteed to be 10 students or less
to facilitate one-on-one interaction with one of our expert instructors.
Attend a course taught by an expert instructor with years of in-the-field
pen testing experience in our state of the art hacking lab. Master the skills
of an Ethical Hacker to better assess the security of your organization.
Visit us at:
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------