NetBIOS

[Guest]

Archived from groups: comp.security.firewalls (More info?)

I found this information online... Is this true?





"What is needed is not to enable NetBIOS on internet connections. This is
the cause of the problem. A firewall should be unnecessary. A computer
should work fine without a firewall. A firewall is an EXTRA level of
protection, like a moat. The standard mode of operating should be the
walls."

Open Network Connections. Select a Network Connections, Properties
Networking tab, IP Address, Properties, Advanced and WINS tab
Select "Disable NetBIOS over TCP/IP"

 

[Guest]

Archived from groups: comp.security.firewalls (More info?)

TisMe wrote:

(snipped)

> Open Network Connections. Select a Network Connections, Properties
> Networking tab, IP Address, Properties, Advanced and WINS tab
> Select "Disable NetBIOS over TCP/IP"

I am having some difficulties with this. Not all Win32
systems display those precise features. Did the author
of that statement specify a select system? Would you
mind providing a link to this commentary?

Purl Gurl

 

[Guest]

Archived from groups: comp.security.firewalls (More info?)

Purl Gurl wrote:

> TisMe wrote:

(snipped)

> > Open Network Connections. Select a Network Connections, Properties
> > Networking tab, IP Address, Properties, Advanced and WINS tab
> > Select "Disable NetBIOS over TCP/IP"

> I am having some difficulties with this. Not all Win32
> systems display those precise features. Did the author
> of that statement specify a select system? Would you
> mind providing a link to this commentary?


That commentary is written by David Candy, correct?


Purl Gurl

 

[Guest]

Archived from groups: comp.security.firewalls (More info?)

TisMe wrote:

> I found this information online... Is this true?

> "What is needed is not to enable NetBIOS on internet connections. This is
> the cause of the problem.

(snip)

What is the context? The problem the passage was originally referring too?

It sounds suspect anyway, I wouldnt dream of accessing the internet
without a firewall in this day and age.

--
May the ping be with you ....

Registered Linux user #355729

 

[Guest]

Archived from groups: comp.security.firewalls (More info?)

Stalks wrote:
: TisMe wrote:
:
:: I found this information online... Is this true?
:
:: "What is needed is not to enable NetBIOS on internet connections.
:: This is the cause of the problem.
:
: (snip)
:
: What is the context? The problem the passage was originally referring
: too?
:
: It sounds suspect anyway, I wouldnt dream of accessing the internet
: without a firewall in this day and age.

This was on a page in reference to popup blocking. I am like you.
I wouldn't dream of removing my firewall just because of a page like this.
I would of posted their page but I couldn't see giving that page the time of
day.
I just never heard of it before, and was curious.

 

[Guest]

Archived from groups: comp.security.firewalls (More info?)

TisMe wrote:
> I found this information online... Is this true?
>
>
>
>
>
> "What is needed is not to enable NetBIOS on internet connections. This is
> the cause of the problem. A firewall should be unnecessary. A computer
> should work fine without a firewall. A firewall is an EXTRA level of
> protection, like a moat. The standard mode of operating should be the
> walls."
>
> Open Network Connections. Select a Network Connections, Properties
> Networking tab, IP Address, Properties, Advanced and WINS tab
> Select "Disable NetBIOS over TCP/IP"

It was almost true in 1995, if you were running win95, using a non-MS
browser and had no local network at all. Tho you would probably still be
vulnerable to the good old ping-of-death.
Where did you dig it up? antique.propoganda.cache.google.com?
E.

 

[Guest]

Archived from groups: comp.security.firewalls (More info?)

>It was almost true in 1995, if you were running win95, using a non-MS
>browser and had no local network at all. Tho you would probably still be
>vulnerable to the good old ping-of-death.
>Where did you dig it up? antique.propoganda.cache.google.com?

Speaking of propaganda, the brand of browser has no effect on the efficacy of a
firewall.

For the original poster, it is possible to secure a Windows system without a
firewall, including W2K, but it depends somewhat on your overall configuration
and is a pain in the ass. I have one system set up that way which I use for
testing.
--
Dave "Crash" Dummy - A weapon of mass destruction
crash@gpick.com?subject=Techtalk (Do not alter!)
http://lists.gpick.com

 

[Guest]

Archived from groups: comp.security.firewalls (More info?)

Hi,

TisMe <anotherMungjob@invalid.duh> wrote:
> "What is needed is not to enable NetBIOS on internet connections. This is
> the cause of the problem. A firewall should be unnecessary.

This is true for OS like win98 and older. Or more specifically for
any operating system, which has no servers running by default. The
only active service you had with WIN98 and the likes was netbios over TCP/IP.

In general: If you deactive all services, all which is left to attack
is the IP-stack.

If you install a "firewall" (Aka hostbased paketfilter) on the very
same machine, you still have this attackwindow if the firewall does not
implement it's own IP-stack.

Greetings,
Jens

 

[Guest]

Archived from groups: comp.security.firewalls (More info?)

E. wrote:
: TisMe wrote:
:: I found this information online... Is this true?
::
::
::
::
::
:: "What is needed is not to enable NetBIOS on internet connections.
:: This is the cause of the problem. A firewall should be unnecessary.
:: A computer should work fine without a firewall. A firewall is an
:: EXTRA level of protection, like a moat. The standard mode of
:: operating should be the walls."
::
:: Open Network Connections. Select a Network Connections, Properties
:: Networking tab, IP Address, Properties, Advanced and WINS tab
:: Select "Disable NetBIOS over TCP/IP"
:
: It was almost true in 1995, if you were running win95, using a non-MS
: browser and had no local network at all. Tho you would probably still
: be vulnerable to the good old ping-of-death.
: Where did you dig it up? antique.propoganda.cache.google.com?
: E.


http://www.mvps.org/sramesh2k/Popups.htm

 

[Guest]

Archived from groups: comp.security.firewalls (More info?)

"Crash" Dummy wrote:

>>It was almost true in 1995, if you were running win95, using a non-MS
>>browser and had no local network at all. Tho you would probably still be
>>vulnerable to the good old ping-of-death.
>>Where did you dig it up? antique.propoganda.cache.google.com?
>
>
> Speaking of propaganda, the brand of browser has no effect on the efficacy of a
> firewall.

Depends entirely on what content/scripting the browser supports, what
vulns are about for that browser, and what content types the firewall
can block/enable/disable.
>
> For the original poster, it is possible to secure a Windows system without a
> firewall, including W2K, but it depends somewhat on your overall configuration
> and is a pain in the ass. I have one system set up that way which I use for
> testing.

It can be secured against inbound, but outbound is much harder if not
impossible. If you throttle TCP/IP and only allow specific outbound
ports, it would be irrelevant to the system what was using those ports.
e.g allowing out 25 would allow both normal email, virii such as sircam
and trojan spam remailers.*

It seems the original quote was in relation to receiving messenger
service pop-ups, making the quote, in context, correct.
E.

*Bad example. I doubt anyone with the nouse to harden W2K properly is
going to turn around and expose it to the 'net without an antivirus
package, making the specific illustration unlikely to ever occur in the
real world.