> I am trying to persuade a client NOT to map a drive through two firewalls to > an untrusted server in a DMZ to run an application. I've tried Googling > Netbios and security, but get so many entries as to be useless. > Other than the latency issues, and my ten cents that it seems to me to be an > enormously foolish idea, can you folks offer me any further ammunition?
Here is your silver bullet: it won't work :) The SMB+NetBIOS+TCP/139 protocol is not NAT aware. So unless your client is using public IP addresses internally, it will just fail. Regards, - Nicolas RUFF
