Re: [FW-1] How to stop FW machine to send nbname from itself?

[Jim Parker <jim@FW1-NOSPAMJIMPARKER.CO.UK>]

On a microsoft OS you will see this behaviour, my advice would be to install a loopback adapter and then change the bindings so that ONLY TCP/IP traffic is bound to the ethernet adapters... This would mean that all NetBIOS traffic ceases.

 

If you are blocking 139 and losing connectivity then you are using NetBIOS shares etc to map network drives... a very bad idea on a DMZ.

 

If you are going to connect to webserver from your private network you really don't want to using SMB!

 

Jim

 

 

-----Original Message-----
From: Mailing list for discussion of Firewall-1 [mailto:FW-1-MAILINGLIST@beethoven.us.checkpoint.com]On Behalf Of Don Scott
Sent: 04 April 2002 22:05
To: FW-1-MAILINGLIST@beethoven.us.checkpoint.com
Subject: Re: [FW-1] How to stop FW machine to send nbname from itself?

Hello Jignesh,

 

I have been trying to block nbname, nbdatagram, and nbsession packets at our FW-1. In our case however, when I block port 139 we lose connectivity to the web server. Anyone else have this problem.

 

Thanks,

 

Don Scott

-----Original Message-----
From: Jignesh Pathak [mailto:jpathak@TAXCUT.COM]
Sent: Thursday, April 04, 2002 2:23 PM
To: FW-1-MAILINGLIST@beethoven.us.checkpoint.com
Subject: [FW-1] How to stop FW machine to send nbname from itself?

 

Hello:

 

We have installed FW-1 v.4.1/SP5 on Windows 2000 SP2 at our client location. We have AnyàAnyàNBTàDrop rule base to drop nbname, nbtdatagram packets and FW is doing so. But FW logs shows that FW machine itself is sending nbname packets to internet side. How can I stop this? Is there any performance issue?

 

Thanks,

 

Jignesh