North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Operational impact of filtering SMB/NETBIOS traffic?

  • From: Paul Thornton
  • Date: Tue Nov 14 17:14:43 2000

On Tue, 14 Nov 2000, Scott Call wrote:

> Because this traffic is IP traffic, I wanted to ask others on this list
> how they treat SMB traffic on their backbones? 

One of the things I considered doing was filtering 137-139 in our data
centres to reduce risk to customers' poorly (usually through knowing no
better, so no offence intended here) configured NT boxes.  It does seem,
however, that people do want truly unrestricted NetBIOS over IP connectivity
into their boxes "So we can browse the server from the office" being a
familiar cry.  As a result of this, we didn't go ahead with the intended

Experience has taught me that people (a) do this, and do it a lot
(certainly in Europe, YMMV elsewhere); and (b) a good number of them are
happy to have a server with little external filtering/firewalling/protection
doing it.  I find this particularly scary...


Not speaking for my employer, in case you know who they are...