Re: NetBEUI and security

From: shope (stephen_hope@ntlworld.xx.com)
Date: 10/29/02 

From: "shope" <stephen_hope@ntlworld.xx.com>
Date: Tue, 29 Oct 2002 21:02:45 -0000

"§µnnýß©" <§µnnýß@usa.net> wrote in message
news:jk8tru0re68cs3k27a9i243oj662bupll5@srb.com...
> On 28 Oct 2002 12:07:53 -0800, craig.athome@virgin.net (craig) wrote:
>
> > Hi folks,
> >
> > I'm considering using NetBEUI on a small network with internet access,
> > for file and print sharing. i.e remove TCP/IP bindings from the
> > networking client.
> > My motivation for this is simply another layer of security, due to the
> > non routable nature of NetBEUI.
> >
> > The network is only about 40 users so I'm ok with the viability of
> > NetBEUI, however I wondered what the opinion was on security
> > implications as a whole. Since there is no way to 'control' traffic at
> > a low level, (unlike TCP/IP and firewalls etc.) does this actually
> > increase risk, for example trojans 'information gathering' unseen via
> > NetBEUI?
> >
> > Any thoughts on the matter appreciated
> >
> > TIA
> > Craig
>
> NetBeui is safe for a LAN. It is fast and secure for a network that size.
> TCP/IP is the least safe and slowest of the network protocols.

Surely any exploit using Microsoft networking protocols (NetBIOS, SMB etc)
doesnt care what the underlying transport protocol is.

After all insulation from the network / link layer issues is why those
protocols are used in the 1st place.

I agree that a lot of exploits use TCP specific attacks, but i dont see any
reason to assume that someone who gets code or control of 1 machine on a
NetBEUI LAN cant use Microsoft specific hacks to get at the other local
machines via NetBEUI - whether it happens in practice is another issue.

BTW - 1st root directory traverse program i saw ran across an XNS microsoft
transport.....or NetBEUI.

>
> Even if you are infected by a trojan or virus, the information will not be
> transmitted over NetBeui. TCP/IP is the protocol of choice for almost all
> WAN traffic from trojans.
>
> Our network is over NetBeui. Our internet access is over TCP/IP. Our
network
> traffic is fast and unrestricted. We no longer worry about netbios scans,
> port probes or other internet nastys. Even if one node were to get
> infected, the virus would be restricted to that machine only.
>
> Simple answer: No, it does not increase your risk. It decreases it in
> regards to the LAN traffic.
>
> §ß 

--
Good luck

Stephen Hope - remove xx from address.

Relevant Pages

  • Re: NetBEUI and security
    ... (unlike TCP/IP and firewalls etc.) does this actually ... > implications to make sure you know what you are getting into from a network ... >>I'm considering using NetBEUI on a small network with internet access, ... not bound to the network client or to file & printer sharing. ...
    (comp.security.firewalls)
  • Re: NetBEUI and security
    ... TCP/IP is the least safe and slowest of the network protocols. ... >be transmitted over NetBeui. ... >regards to the LAN traffic. ...
    (comp.security.firewalls)
  • Re: How to restore NetBEUI on XP
    ... If he's like many of us, for some reason TCP/IP does not work for our needs ... NETBEUI often solves networking problems in a small home network ... Windows XP Network Protocols ... instance of a dedicated hardware firewall. ...
    (microsoft.public.windowsxp.network_web)
  • Re: NetBEUI and security
    ... (unlike TCP/IP and firewalls etc.) does this actually ... > increase risk, for example trojans 'information gathering' unseen via ... implications to make sure you know what you are getting into from a network ... > I'm considering using NetBEUI on a small network with internet access, ...
    (comp.security.firewalls)
  • Re: NetBEUI and security
    ... > I'm considering using NetBEUI on a small network with internet access, ... > non routable nature of NetBEUI. ... (unlike TCP/IP and firewalls etc.) does this actually ... Our internet access is over TCP/IP. ...
    (comp.security.firewalls)
Quantcast