From: David Anderson (dma@xxxxxxxxx)
Date: Wed May 30 2001 - 20:25:33 GMT-3
I believe this would be an issue with deny specific saps
For Netbios, you would want to disable saps F0 (request) F1 (send). This
should disallow all netbios traffic. For SNA you could use the following
0x0000 0x0D0D
That will allow all SNA saps.
HTH,
David
At 07:00 PM 5/30/2001 -0400, W. Alan Robertson wrote:
>Since we've had a flurry of DLSW today (Three posts or so), I figured
>I'd let one loose as well...
>
>As the topic indicates, I'd like to prevent the exchange of all
>NetBIOS reachability information across the enterprise. What is the
>best way to go about this? I can't seem to find a cure all "dlsw
>disable netbios" command, or anything resembling it. The best my
>peers have been able to come up with is hard coding names as being
>unreachable, preventing explorers. This sounds like a tremendous pain
>in the a** to me as they will have to constantly keep an eye out for
>new hosts being searched. It sounds like a logistical nightmare to
>me.
>
>I've been pouring through the documentation... Where's the magic
>bullet?
>
>Alan
>**Please read:http://www.groupstudy.com/list/posting.html
David Anderson
Network Design Engineer
Enterprise Solutions Architecture & Design
(408) 853-5515
dma@cisco.com
| |
..:|||||||:...:|||||||:..
C I S C O S Y S T E M S
**Please read:http://www.groupstudy.com/list/posting.html
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:30:57 GMT-3