Firewall Wizards mailing list archives

Re: Firewall Rules for NT Server and PDC


From: Patrick Giagnocavo <patrick () zill net>
Date: Wed, 11 Jul 2001 13:24:14 -0500

On Wed, Jul 11, 2001 at 02:04:34PM +0200, Dawes, Rogan (ZA - Johannesburg) wrote:
> I'm not suggesting that this could simply be used without thought or effort.
>
> The serious implication (for those who don't realise what a problem protocol
> NetBIOS is already) is that if one is allowing NetBIOS traffic through a
> firewall, intending to allow only authentication perhaps, apart from the
> obvious file and print access possibilities, the range of exploits is
> actually infinite, based on what commands can be executed using psexec.

I agree that NetBIOS is a horrid beast to be avoided. 

But can't people who need to just stick NetBIOS on top of TCP/IP?  

Then you can use existing rules to filter that.  Drop any other kind of
packets (like IPX, NetBEUI) and if a luser complains, then you know that
they haven't got their machine set up properly.

Cordially

Patrick Giagnocavo
patrick () zill net
Web Hosting http://www.zill.net
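
The policy suggested in this message (NetBIOS carried over TCP/IP and left to the existing IP rules, every other frame type dropped), written as a frame classifier. This is an added example, not part of the original post; the EtherType, LLC SAP and port constants are standard values not quoted in the thread, and the function names and sample frames are constructed for illustration.

```python
import struct

ETHERTYPE_IPV4, ETHERTYPE_ARP, ETHERTYPE_IPX = 0x0800, 0x0806, 0x8137
LLC_SAP_NETBEUI, LLC_SAP_IPX = 0xF0, 0xE0
# NetBIOS over TCP/IP services: (IP protocol, destination port) -> service
NBT_SERVICES = {(17, 137): "name", (17, 138): "datagram", (6, 139): "session"}

def classify(frame: bytes) -> str:
    """'drop:<reason>' for non-IP frames, 'ip:<kind>' for frames the IP rules see."""
    if len(frame) < 15:
        return "drop:short"
    (etype,) = struct.unpack("!H", frame[12:14])
    body = frame[14:]
    if etype <= 1500:                    # 802.3 length field: LLC (or raw IPX) follows
        if body[:2] == b"\xff\xff":      # raw 802.3 IPX starts with an FFFF checksum
            return "drop:ipx"
        if body[0] == LLC_SAP_NETBEUI:
            return "drop:netbeui"
        if body[0] == LLC_SAP_IPX:
            return "drop:ipx"
        return "drop:other-llc"
    if etype == ETHERTYPE_IPX:
        return "drop:ipx"
    if etype == ETHERTYPE_ARP:
        return "ip:arp"                  # IPv4 cannot resolve neighbours without it
    if etype != ETHERTYPE_IPV4:
        return "drop:other-ethertype"
    if len(body) < 20:
        return "drop:short"
    ihl = (body[0] & 0x0F) * 4
    proto = body[9]
    frag_offset = struct.unpack("!H", body[6:8])[0] & 0x1FFF
    # Ports are only present in the first fragment of a TCP or UDP packet.
    if frag_offset or proto not in (6, 17) or len(body) < ihl + 4:
        return "ip:other"
    (dport,) = struct.unpack("!H", body[ihl + 2:ihl + 4])
    service = NBT_SERVICES.get((proto, dport))
    return f"ip:nbt-{service}" if service else "ip:other"

# Constructed sample frames (not captured traffic).
def eth(etype_or_len: int, body: bytes) -> bytes:
    return b"\x02" * 6 + b"\x04" * 6 + struct.pack("!H", etype_or_len) + body

def ipv4(proto: int, dport: int) -> bytes:
    hdr = bytes([0x45, 0]) + struct.pack("!HHHBBH", 28, 0, 0, 64, proto, 0) + bytes(8)
    return hdr + struct.pack("!HH", 40000, dport) + bytes(4)

if __name__ == "__main__":
    for f in (eth(0x8137, bytes(30)), eth(23, b"\xf0\xf0\x03" + bytes(20)),
              eth(0x0800, ipv4(6, 139)), eth(0x0800, ipv4(6, 80))):
        print(classify(f))
```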