Computer network design and defense
By designing a computer network properly, you can help ensure that it minimizes the effects of malware outbreaks such as worms and other assorted malcode. One of the simplest network design concepts is to use a router to screen traffic going into and coming out of subnets. This is known as a "screened subnet"; it is not a new idea, but one that is simply, in my experience, not used widely. What would be an example of screened traffic, you ask? Well, for one, you might want to screen out the NetBIOS traffic between subnets. Doing this would cut down on any worms trying to spread via network shares. Food for thought, isn't it? You may wish to give this article a read if this subject is of interest to you.

Emre Yazgan Says:
January 3rd, 2007 at 9:09 am
Hi in advance... do we have to close NetBIOS? (port 135)
Don Parker Says:
January 3rd, 2007 at 11:31 am
Hello Emre,
What you do is disallow NetBIOS broadcasts between subnets. That would entail not allowing ports 137, 138, 139, and 445 to traverse subnets. Port 135 is the DCERPC service.
Cheers,
Don
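The screening described in the post and in the reply above can be checked against a router's rule list before it is deployed. The following is an added example, not code from the post or from either commenter: it models a first-match filter list and reports where ports 137, 138, 139 and 445 can still cross between subnets. The rule tuple format, the subnets and the three rule sets are constructed for illustration, and rules are assumed to be written at subnet granularity or wider.

```python
"""Audit inter-subnet filter rules for NetBIOS/SMB leakage (constructed example)."""
from ipaddress import ip_network

# Ports named in the reply above; each is checked for both TCP and UDP.
SCREENED_PORTS = (137, 138, 139, 445)

def first_match(rules, proto, src_net, dst_net, port):
    """Return the action of the first rule that matches the flow."""
    for action, r_proto, r_src, r_dst, r_ports in rules:
        if r_proto not in ("any", proto):
            continue
        if not src_net.subnet_of(ip_network(r_src)):
            continue
        if not dst_net.subnet_of(ip_network(r_dst)):
            continue
        if r_ports is None or port in r_ports:  # None means "all ports"
            return action
    return "deny"  # assumption: implicit deny when no rule matches

def leaking_flows(rules, subnets):
    """List (src, dst, proto, port) flows where a screened port crosses subnets."""
    nets = [ip_network(s) for s in subnets]
    leaks = []
    for src in nets:
        for dst in nets:
            if src == dst:
                continue
            for proto in ("tcp", "udp"):
                for port in SCREENED_PORTS:
                    if first_match(rules, proto, src, dst, port) == "permit":
                        leaks.append((str(src), str(dst), proto, port))
    return leaks

# Constructed sample data: two internal subnets behind one router.
SUBNETS = ["10.0.1.0/24", "10.0.2.0/24"]
INTERNAL = "10.0.0.0/16"
# Weak: everything is routed between subnets.
WEAK = [("permit", "any", INTERNAL, INTERNAL, None)]
# Screened: deny the NetBIOS/SMB ports first, then permit the rest.
SCREENED = [
    ("deny", "any", INTERNAL, INTERNAL, range(137, 140)),
    ("deny", "any", INTERNAL, INTERNAL, [445]),
    ("permit", "any", INTERNAL, INTERNAL, None),
]
# Misordered: same rules, but the permit comes first and shadows the denies.
MISORDERED = [SCREENED[2], SCREENED[0], SCREENED[1]]

if __name__ == "__main__":
    for name, rules in (("WEAK", WEAK), ("SCREENED", SCREENED), ("MISORDERED", MISORDERED)):
        print(name, len(leaking_flows(rules, SUBNETS)), "leaking flows")
```

The misordered set shows the common failure mode: the deny rules are present but never reached, so the audit reports the same leaks as the unfiltered configuration.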
Emre Yazgan Says:
January 3rd, 2007 at 2:04 pm
Oh OK... thanks again... Also, everybody speaks about the NetBIOS vulnerability. Do you agree that it is a very important threat for our Windows security?
Don Parker Says:
January 3rd, 2007 at 2:18 pm
Hello Emre,
NetBIOS protocols are required for what Windows does best, i.e. networking computers and sharing files. Due to this, you would want to leave them functioning. Just do your best to secure access to file shares, i.e. don't allow inbound traffic through your router for ports 137, 138, 139 and 445, use passwords and so on.
Cheers,
Don
Emre Yazgan Says:
January 3rd, 2007 at 2:59 pm
Thank you, Mr. Parker... Have a nice new year...
Alex Saca Says:
November 25th, 2008 at 12:21 am
If the design of the computer network is perfect, nobody will experience any problem while accessing the data... Good.