[cumbria_lug] Windows Network Noise on the Net.

[Ian Linwood]

Hello Roger,

Thursday, December 23, 2004, 11:56:10 AM, you wrote:

RC> Ian,Steve et al...

RC> This is very interesting to me - I was also confusing NetBEUI and NetBIOS as
RC> I was reading the posts. I feel some positive advice (other than 'ditch that
RC> last Windows machine'...) might be a nice Xmas pressie...

OK, pull the cat5 from the router - its the only way to be truly safe.

see: http://www.openbsd.org/faq/pf/index.html for how OpenBSD/pf is
much better, and much easier to create/read firewall rules, with built
in antispoofing and methods of how to stop TCP/IP fingerprinting.

To give yourself nightmares before Christmas:
http://www.packetstormsecurity.org/docs/infosec/

Obviously, for linux:
http://www.netfilter.org/documentation/index.html#documentation-howto

For Windoze:
http://www.zonealarm.com/
oh, and you'll also need this
http://www.grisoft.com/us/us_index.php

of you wand to put av on your linux box (to scan those samba shares!)
www.clamav.net

or if you _want_ a commercial av www.kaspersky.co.uk  is updated very
frequently and is easy to install/maintain.

RC> However, before the network pros on this list gang up on us people who
RC> prefer to avoid the black arts, I checked out my own NAT Router (a
RC> Draytek/Vigor unit - which is a cut above many consumer units for control
RC> and management) and confirmed that the default firewall rules block both
RC> inbound and outbound NetBIOS traffic.

Yep this is a better piece of domestic kit.

RC> I see no reason why basic consumer routers should not also, even if they
RC> offer no user control in this area.

"Assume" makes a ASS out of yoU and ME. You are correct that most
routers, even the crap ones, have this functionality. If you sourced
your router from an reputable ISP, this may be the default setting.
But if you "do it yourself", there is no guarantee that the
configuration is, cough, "plug and go".

-- 
Best regards,
 Ian