Hi,
first of all, netbios is not multicast, they are either broadcast or
unicast. multicast is dealt with when src/dest addresses are 224.x.y.z.
You can not stop packets from appearing on a network, the only thing you
can do is to keep them from being forwarded between interfaces. For
example, preventing packets from the Internet to the LAN, or preventing
certain hosts to access other parts of the network.
Netbios uses UDP on ports 137,138 and TCP od port 139.
Windows NT/2k, uses TCP on port 135.
Also Windows 2k may use TCP on port 445. (I only read about it, not
confirmed by my experience, but the port is utilized for this type of data
delivery).
As far as I remember, 137 and 138 are brodcasts and can be unicasts, 139
port data are only unicasts.
One note on netbios.
Internet
|
PC1 -- PC2 -- PC3 -- ROUTER -- PC4 -- PC5 -- PC6
You can prevent PC2 from talking to PC4 and vice versa.
You can't prevent PC2 from talking to PC1.
You should prevent the Internet from talking to PCX.
You may allow certain hosts from the Internet to talk to PCX.
You may allow certain PCs to talk to the Internet.
I Hope that explains a lot.
Regards,
Maciej Soltysiak
