Re: Blocking NetBios

[Doug Massey <doug () masseytechnologies com>]

Depends upon the OS.  Win2K/XP you can turn off netbios in 
the network connection properties and disable he TCP netbios 
helper service.  If you are using AD, you can create an 
IPSEC policy to block those ports on all machines in the 
domain.  




---- Original message ----
> Date: Thu, 10 Jun 2004 11:21:03 +0300
> From: "Kareem Mahgoub" <kareem () thewayout net>  
> Subject: Blocking NetBios  
> To: <security-basics () securityfocus com>
>
> Hi list,
> I have a request from one of our clients to block NetBios 
in thier Network
> ( No one should be able to see the shared resources of 
others)
> I have googled around and all what I have found is blocking 
it on the edge
> communication equipment ( router, xDSL modemd..etc) Which 
will be done.
> The most important thing is to disable it internally ( 
inside the LAN)
> Any suggestions???
> Taking in consideration that there is  DHCP server for the 
clients ( If it
> can contribute in the Solution)
> Best Regards,
> Kareem Mahgoub
>
>
> ------------------------------------------------------------
---------------
> Ethical Hacking at the InfoSec Institute. Mention this ad 
and get $545 off 
> any course! All of our class sizes are guaranteed to be 10 
students or less 
> to facilitate one-on-one interaction with one of our expert 
instructors. 
> Attend a course taught by an expert instructor with years 
of in-the-field 
> pen testing experience in our state of the art hacking lab. 
Master the skills 
> of an Ethical Hacker to better assess the security of your 
organization. 
> Visit us at: 
> http://www.infosecinstitute.com/courses/ethical_hacking_trai
ning.html
> ------------------------------------------------------------
----------------
>
Doug Massey MCSE, CISSP
Massey Technologies, Inc.
301-717-6404

---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off 
any course! All of our class sizes are guaranteed to be 10 students or less 
to facilitate one-on-one interaction with one of our expert instructors. 
Attend a course taught by an expert instructor with years of in-the-field 
pen testing experience in our state of the art hacking lab. Master the skills 
of an Ethical Hacker to better assess the security of your organization. 
Visit us at: 
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------