hi pple, well the reason why i ask this is because, recently i was told by my network manager that there is a virus which uses netbios (udp 137, tcp 138 and tcp 139) as a transport and had acrosses the WAN from a spoke site to a hub site. And i was told to put an ACL by blocking the above port on the fastethernet interface, well i was kind of confuse as in, i remember that netbios arnt routable across the WAN, IF, and i mean IF there is really such virus uses this ports, they shouldnt be able to traverse to the other site across the WAN rite?? And when i did some debug ip packet, the udp 136 and or ofcourse the tcp138 and 139, was captured and dropped! at the fastethernet interface and TR interface (i had place the ACL on both fastether and TR) but when i place it on the serial, i dun see any udp 136 at all!...i jus need some clarification from people at this forum here
Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=71227&t=71084 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]