Shouldn't those filter lines go into standard.filter???
You could remove Client for Microsoft networks if you don't need it on the Windoze
boxes
Also disable netbios uses DNS. A registry entry.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\VxD\MSTCP
"EnableDNS=0" it will be 1 which does a DNS to find other netbios machines.
Does Microsoft and Bizarre come to mind?
To see if this is turned on run winipcfg.
For the above thank Joel Knight Dec 16 98 diald archives or before.
Also see archives MAr 15 99 from [EMAIL PROTECTED] for windows netbios filter rules
JAH
From: "Rich Goldman" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Subject: Re: filtering netbios
Date sent: Tue, 27 Apr 1999 23:04:57 -0400
> I'm having the same problem as Lonny. I've constructed the following
> diald.conf to try to filter the netbios stuff, but it doesn't seem to have
> helped. all of the netbios lines are in /etc/services. Do I perhaps have
> a syntax problem?
>
> Rich Goldman
> [EMAIL PROTECTED]
>
>
> #Windows NetBIOS
> #tcp
> ignore tcp tcp.dest=tcp.netbios-ns
> ignore tcp tcp.source=tcp.netbios-ns
> ignore tcp tcp.dest=tcp.netbios-dgm
> ignore tcp tcp.source=tcp.netbios-dgm
> ignore tcp tcp.dest=tcp.netbios-ssn
> ignore tcp tcp.source=tcp.netbios-ssn
> #udp
> ignore udp udp.dest=udp.netbios-ns
> ignore udp udp.source=udp.netbios-ns
> ignore udp udp.dest=udp.netbios-dgm
> ignore udp udp.source=udp.netbios-dgm
> ignore udp udp.dest=udp.netbios-ssn
> ignore udp udp.source=udp.netbios-ssn
> #nterm
> ignore tcp tcp.source=tcp.nterm
> ignore tcp tcp.dest=tcp.nterm
> #End Win NetBIOS
> fifo /etc/diald/diald.ctl
> mode ppp
> connect "sh /usr/doc/diald-0.16.4-1/connect"
> keepalive 900
> device /dev/cua1
> speed 38400
> modem
> lock
> debug
> crtscts
> local 192.168.0.20
> remote 192.168.0.30
> dynamic
> defaultroute
> pppd-options asyncmap 0
> include /usr/lib/diald/standard.filter
> accounting-log /var/log/dialdaccounting
>
> > > Just a quick (many times asked) question.
> >
> > > What lines do need to add where to filter out netbios (W98 file
> > > sharing)
> to
> > > keep it from bringing up diald on my linux box?
> >
> > Block all outbound (and inbound if you care a lick for security)
> > tcp and udp in the port range of 135-139. That should cover you for
> almost
> > of the the pure netbios stuff. If you've got things like PPTP running,
> > you got other problems...
> >
> > > I'm running RH5.2, diald-16.5a, kernel 2.0.35
> >
> > > Thanks for the help!
> >
> > > Lonny
> > > [EMAIL PROTECTED]
> >
> > Mike
> > --
> > Michael H. Warfield | (770) 985-6132 | [EMAIL PROTECTED]
> > (The Mad Wizard) | (770) 925-8248 |
> http://www.wittsend.com/mhw/
> > NIC whois: MHW9 | An optimist believes we live in the best of
> > all
> > PGP Key: 0xDF1DD471 | possible worlds. A pessimist is sure of it!
> >
> >
> > -
> > To unsubscribe from this list: send the line "unsubscribe linux-diald"
> > in the body of a message to [EMAIL PROTECTED]
> >
>
>
> -
James A. Haliburton
On-Site Computer Services of Halifax
Suite 100, 25 Walton Drive
Halifax, Nova Scotia
Canada B3N 1X6
Cell/Pager (902)499-5250
Home/Office (902)477-8342
Alternate e-mail is [EMAIL PROTECTED]
-
To unsubscribe from this list: send the line "unsubscribe linux-diald" in
the body of a message to [EMAIL PROTECTED]
