nanog mailing list archives
Re: Operational impact of filtering SMB/NETBIOS traffic?
From: Jim Mercer <jim () reptiles org>
Date: Sun, 19 Nov 2000 12:29:23 -0500
On Sun, Nov 19, 2000 at 02:38:04AM -0800, Roeland Meyer wrote:
You are assuming (wrongly) that microshit is the only one using that protocol. Have you never heard of the samba project? I remember explicitly referencing smb.conf files. That's Unix/Samba bud. I also mentioned that it works better than NFS. I don't recall microshit-anything shipping with NFS. Believe it or not, one or two of us actually know what we're doing.
as far as samba working better than NFS, that is a religious argument. if you are using SMB to share files between unix systems, then i have a bit of trouble with that last line of the above. personally, i can't think of any applications where i would attempt to do any kinda filesystem sharing across the internet. i suspect the widespread use of SMB on the internet is again, because of the brain-dead applications produced by a braindead company and software produced by lazy programmers working in the braindead company's API's. why does the application need a "share"? can it not just negotiate the information needed without mounting the entire office over a 33.6K connection?
geez, if the filter was there, are you saying that people who _need_ SMB shares are too brain-dead to come up with a straight forward way to make it get around the filter?There is no straight-forward way around a filter, by definition the straight-forward way is to not have the filter!
no, the brain-dead easy way around the filter is to have no filter at all. i'm not an SMB user (outside a few LAN's where we explicitly drop it all on the floor before it gets out of the network). could you not use an IPSec tunnel from one LAN to another, then run SMB over that tunnel? is it not possible to use ssh port forwarding to move the packets through a secure tunnel that way? -- [ Jim Mercer jim () reptiles org +1 416 410-5633 ] [ Reptilian Research -- Longer Life through Colder Blood ] [ Don't be fooled by cheap Finnish imitations; BSD is the One True Code. ]
Current thread:
- RE: Operational impact of filtering SMB/NETBIOS traffic?, (continued)
- RE: Operational impact of filtering SMB/NETBIOS traffic? Joe Shaw (Nov 14)
- RE: Operational impact of filtering SMB/NETBIOS traffic? Joe Shaw (Nov 14)
- RE: Operational impact of filtering SMB/NETBIOS traffic? Joe Shaw (Nov 14)
- RE: Operational impact of filtering SMB/NETBIOS traffic? Roeland Meyer (Nov 18)
- Re: Operational impact of filtering SMB/NETBIOS traffic? Jim Mercer (Nov 18)
- RE: (Already happening) Operational impact of filtering SMB/NETBIOS traffic? Derrick (Nov 18)
- Re: (Already happening) Operational impact of filtering SMB/NETBIOS traffic? Dana Hudes (Nov 18)
- Re: Operational impact of filtering SMB/NETBIOS traffic? Jim Mercer (Nov 18)
- Re: Operational impact of filtering SMB/NETBIOS traffic? Shawn McMahon (Nov 19)
- Re: Operational impact of filtering SMB/NETBIOS traffic? Travis Pugh (Nov 19)
- Re: Operational impact of filtering SMB/NETBIOS traffic? Valdis . Kletnieks (Nov 19)
- RE: Operational impact of filtering SMB/NETBIOS traffic? Roeland Meyer (Nov 19)
- Re: Operational impact of filtering SMB/NETBIOS traffic? Jim Mercer (Nov 19)
- RE: Operational impact of filtering SMB/NETBIOS traffic? Roeland Meyer (Nov 19)
- Re: Operational impact of filtering SMB/NETBIOS traffic? Shawn McMahon (Nov 19)
- Re: Operational impact of filtering SMB/NETBIOS traffic? Adam Rothschild (Nov 20)
- ISPs as content-police or method-police Ehud Gavron (Nov 20)
- Re: ISPs as content-police or method-police Valdis . Kletnieks (Nov 20)
- RE: ISPs as content-police or method-police Christian Kuhtz (Nov 20)
- Re: ISPs as content-police or method-police Shawn McMahon (Nov 20)
- Re: ISPs as content-police or method-police Ben Browning (Nov 20)
- RE: ISPs as content-police or method-police Christian Kuhtz (Nov 20)
- Re: ISPs as content-police or method-police John Kristoff (Nov 20)