zotob - blocking tcp/445
Daniel Golding
dgolding at burtongroup.com
Tue Aug 16 02:15:22 UTC 2005
On 8/15/05 4:46 PM, "Randy Bush" <randy at psg.com> wrote:
>
>>>> I'm not nearly confident enough to decide on behalf of almost
>>>> billion other people how they should benefit from the Internet
>>>> and how not to.
>>> thanks for that!
>> Indeed. Also see
>> http://www.iab.org/documents/docs/2003-10-18-edge-filters.html
>
> as i just replied to a private message from an enterprise op,
>
> o backbone isps can not set their customers' security policy
> - some customers want to run billyware shares over the wan
> whether we advise it or not
> - some of us host security researchers, who have a taste
> for 445 and other nasty traffic
>
While its not uncommon to run SMB/Windows file system drive mounts across
private WANs, doing so across the Internet, on a non-encrypted tunnel, is
the equivalent of running with scissors.
I am unaware of any enterprise security folks foolish enough to allow that.
Of course, I may be sheltered.
(as an aside - running windows file system mounts across enterprise WANs is
so common that there are WAN optimization devices that improve remote disk
mount performance via protocol spoofing)
- Dan
> o enterprise / site ops can set their users' security policies
> as that's part of their job and charter
>
> randy
>
More information about the NANOG
mailing list