[SNS #9838] Blocking netbios at the gateway

From: by way of Micronet mailing list administrator (jakef_at_socrates.berkeley.edu)
Date: Tue Aug 05 2003 - 15:08:04 PDT


>micronet et al,
>
>Unfortunately, I'm out for the next few days but I wanted to put in my 2
>cents on this issue.
>
>I can certainly understand Craig's reluctance to block the ports given the
>serious problems this will cause for units whose operations depend on
>using net-bios. That being said, I personally agree with CNS and others
>that the breadth and severity of this vulnerability warrants blocking the
>ports temporarily, even though it will have a negative impact on some
>campus operations. This is a tricky balancing act and I hope we all can
>see both sides of the debate.
>
>
>Since January, I have been working to document a case to block net-bios at
>the gateway. I have been working with CNS and others within SNS to
>document attack trends and network usage both legit and aggressive.
>
>As soon as this vulnerability was announced, I started soliciting input
>from various departments as to our explosibility, and actions departments
>were taking. I will be adding all of your comments to the Project
>notes [SNS #9838], in order to bolster the argument for permanently
>blocking net-bios as soon as we have a viable alternate
>solution. Hopefully, this case will highlight the inherently insecure
>nature of net-bios and push us all to pick up the pace on moving to a
>more secure and robust solution, and what I feel are industry best practices.
>
>I feel badly about being out at this critical time, but I have a family
>obligation this weekend and the early part of next week that I cannot
>reschedule.
>
>I will be back on 8/6 to assist with these issues.
>
>jake-F
>
>
>
>-------------------------------------------------------------------------
>Jake F Harwood University of California, Berkeley
> 2484 Shattuck Avenue
> Phone (510)643-8241
> Cell (510)390-2580
>"Who is this General Failure and why is he reading my hard drive?" -F
>-------------------------------------------------------------------------

------------------------------------------------------------------------
The following was automatically added to this message by the list server:

For information about Micronet, including subscribing to
or unsubscribing from its mailing list and finding out
about upcoming meetings, please visit the Micronet Web site:
<http://micronet.berkeley.edu/>.


This archive was generated by hypermail 2.1.5 : Tue Aug 05 2003 - 15:16:26 PDT