On 9 Apr 99, at 12:17, Ben Nagy wrote:
> Okay, I'm prepared to look stupid.
>
> Why would the layout require an exposed NBT server? My naïve visualisation
> was of packets going out from happyinternalhost.com to tcp/udp 138/139 on
> suspicious.bigbadinternet.com. The packets would be allowed out by the
> firewall, the response would come back, get cleared (established traffic)
> and the session would be established.
>
> The internal hosts would need some entry to map the NB to IP addresses, but
> couldn't an internal WINS server or LMHOSTS file take care of that?
>
> This would not allow happyinternalhost to share any of its own files with
> suspicious though.

Do we know that NBT can work in this non-reciprocal fashion? Will
suspicious allow happyinternalhost access to its shares if it is
blocked from initiating NBT traffic to same? While NBT is generally
used in a client-server style, it actually implements peering, and I'm
reluctant to assume that it works if you prevent peering from happening.

Also, suspicious is going to be configured to (at least) serve
incoming NBT traffic. MOST of the NBT traffic on the big bad net is
from unprotected Windows machines, but some of it can be malicious,
looking for same. suspicious is a sitting duck, open to NBT and not
behind the firewall.

David G