Date: Sun, 3 Sep 2000 13:36:47 -0500 (CDT) From: Mike Meyer <mwm@mired.org> To: groggy@iname.com Cc: questions@freebsd.org Subject: Re: signature? Message-ID: <14770.39487.46522.546296@guru.mired.org> In-Reply-To: <25395295@toto.iv>
next in thread | previous in thread | raw e-mail | index | archive | help
groggy@iname.com writes: > > It's not port UDP 68, it's netbios-ns; it's Windows boxs that like to do a > > netbios nameserver lookup on whoever connections to them. MS assumed that > > anything connecting to them "must" be a windows box and tries to log the > > Netbios name of it.... these end up as mostly noise in firewall logs. > > > > I specifically disabled monitoring of UDP 137/138 in my own firewalls as the > > number of stupid IIS servers that kept trying to find out the netbios name > > of the squid proxies was filling the logs with useless information... > this sounds good to me :) i figured it was some IIS crap ... > i think my ISP recently replaced their SunOS and System V boxes > with IIS servers - i know they renamed all their boxes - and that's > when this problem started. it still bothers me that they have a right > to clutter my connection with so much useless garbage! i mean, it does > cause "stalls" on connections to my server since 10 seconds > of every minute my connectin is jammed with this garbage ... > it would be a hassle to change providers for many reasons, > do i have any right to make them stop? :) i mean, it's > almost a DOS attack, isn't it? :) If you feel like it's a DOS (or some other form of) attack, then it is. Treat it as one - as correctly as possible. Don't assume that they are doing it on purpose, or even know that it's going on. Report it as an attack that may be coming from somone having broken into their systems, and ask them to deal with it. <mike To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?14770.39487.46522.546296>