Re: Operational impact of filtering SMB/NETBIOS traffic?

["Gary E. Miller" <gem () rellim com>]

Yo Scott!

On Tue, 14 Nov 2000, Scott Call wrote:

> Due to an increasing number of intrusions into windows-based machines
> through unprotected shares, I've started filtering both incoming and
> outgoing traffic for our customers on ports 138/139.

I have had my upstream filter these ports on me before.  They
get an angry call right away.  I use SMB to mount remote shares,
do remote authentication and remote printing.  Sure most people
do not know how to do this, but I have taught a lot of my
customers to do it.  Road Warriors love it.  They never want to
go back to the old ways.

I have worked at several ISPs that found the easiest way
to reduce the customer list was to start filtering.  A lot of
folks do not complain, they just move on to another ISP.

A good compromise is to notify your customers that you are
providing the extra "service" and let them opt-out if they
choose.

RGDS
GARY
---------------------------------------------------------------------------
Gary E. Miller Rellim 20340 Empire Ave, Suite E-3, Bend, OR 97701
        gem () rellim com  Tel:+1(541)382-8588 Fax: +1(541)382-8676