At 18:15 6/12/2003, Kirk Friggstad wrote: >For another example (just discovered this today at >http://www.mynetwatchman.com/kb/security/ports/17/137.htm - scroll down to >the "False Positives" section at the end) - on a Windows web server, if >Netbios is bound to the public IP address of the server, IIS will attempt to >do a direct Netbios query back to the client if RDNS fails. This causes (a) >unnecessary network traffic and (b) false alarms on firewalls, etc. Which >reminds me - I need to check on my Netbios bindings on my Windows boxes...
This is a well-known issue in the security community. It's also one of the reasons why NetBIOS ports are so often blocked at border routers...:) - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
