Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

RE: zotob - blocking tcp/445

  • From: Church, Chuck
  • Date: Tue Aug 16 14:45:46 2005


On Mon, 15 Aug 2005, Church, Chuck wrote:

> >'enterprise security folks' are probably not the issue... The fact
> remains
> >that lots of folks DO do this :( There are quite a few folks between
> >'consumer' and 'enterprise' that do all manner of dumb things on the
> >Internet  (where 'dumb' is equivalent to running smb shares across
> >public network minus encryption/ipsec). It's their choice to do that,
> and
> >their network providers are expected/demanded to pass those packets
> >them.
> >-Chris
> Surely the ratio of 'useful' traffic compared to 'junk' for a
> protocol must be considered.  What percentage of netbios entering a

on your piece of the network you can consider the  ratio of pigs to
or good to bad traffic or phases of the moon, it's your network do what
you will. I can say that if you have a vocal enough customer the blocks
won't last very long, or the customer will find another network to

***  Rules are going to be different for residential vs. business
customers.  Business customers who aren't on crack probably know better
to block netbios in and out.  But residential customers, I think you'll
win more customers than lose by taking some proactive blocking measures.

> service provider's edge is intentional?  1%?  0.1%?  I'm guessing much
> less than that.  If 5 or 6 nines worth of a particular protocol
> or leaving an ISP's network is unintentional, and highly susceptible
> viral activity, isn't it in our best interest to block it?  With

your best interest might be to do that sure... 'your network, your

> notification to subscribers and instructions on setting up
> PPTP/whatever, blocking netbios can solve a large bunch of issues....

please send my instructions for host-to-host pptp that my grandmother
follow without help of techsupport.

*** Well, if you grandmother is already familiar with mapping drives and
modifying her lmhosts file....  :)

Discussion Communities

About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home

Merit Network, Inc.