From: Lupi, Guy (Guy.Lupi@xxxxxxxxxxxxx)
Date: Tue Apr 16 2002 - 11:05:39 GMT-3
Thank you for the link. I went and looked up the NetBIOS commands; below are
the explanations I found. I understand the last 3, but the first 2 I don't
quite get. What exactly do the ADD NAME QUERY and ADD GROUP NAME QUERY
frames do? Thanks.

The "ADD NAME QUERY" frame (0x01) is used by a node to verify that the name
it wishes to add is unique within the network.

The "ADD GROUP NAME" frame (0x00) is used by a node to verify that the group
name does not exist as a unique name within the network.

The "NAME QUERY" frame (0x0A) is used to find a name on the network or to
request a remote node to establish a session.

The "NAME RECOGNISED" frame (0x0E) is used in response to a NAME QUERY frame
to indicate that a session can be established with the name or to provide
the location of the name.

The "DATAGRAM" frame (0x08) is used to send a datagram to a name.

-----Original Message-----
From: Mas Kato [mailto:loomis_towcar@speedracer.com]
Sent: Monday, April 15, 2002 8:22 AM
To: Lupi, Guy
Cc: ccielab@groupstudy.com
Subject: RE: Netbios access lists
Guy,
This is one of those "it depends" answers.
The station names in NetBIOS access lists reference the source name field
for NetBIOS commands 00 and 01 (ADD_GROUP_NAME_QUERY and ADD_NAME_QUERY) and
the destination name field for NetBIOS commands 08, 0A, and 0E (DATAGRAM,
NAME_QUERY, and NAME_RECOGNIZED).
Not all NetBIOS packets are filtered, only the select few that are related
to client/server session startup.
Check the IOS config guides under SRB and Securing the SRB Network for more
info if needed.
Regards,
Mas Kato
https://ecardfile.com/id/mkato
>From: "Lupi, Guy" <Guy.Lupi@eurekaggn.com>
>To: "'ccielab@groupstudy.com'" <ccielab@groupstudy.com>
>Subject: Netbios access lists
>Date: Sun, 14 Apr 2002 16:47:15 -0400
>Reply-To: "Lupi, Guy" <Guy.Lupi@eurekaggn.com>
>
>This question is about netbios filtering on an interface. When applying a
>netbios access list to an interface, you can specify input or output. My
>question is, how do you establish the context of the access list? Say I had
>the following:
>
>netbios access-list host server permit server*
>!
>interface ethernet 0
>netbios input-access-filter host server
>!
>interface ethernet 1
>netbios output-access-filter host server
>
>On ethernet 0, that list would do one of the following, and on ethernet 1 it
>would do the opposite, this is where my question lies. Which one is it?
>1. Permit only stations that have the name server followed by any number of
>characters to go anywhere. This would be the case if the access list
>specified the source netbios name.
>2. Permit any station to send information destined for a host that had the
>name server followed by anything. This would be the case if the access list
>specified the destination netbios name.
>
>Is the list always specifying the destination name, or the source name to be
>allowed or denied? I have looked on CCO with no luck, I would appreciate any
>help. Thanks.
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:58:09 GMT-3
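
The rule in Mas Kato's reply, modelled as an added example (not code from the thread or from Cisco): the command code of each frame decides whether the list's pattern is tested against the source or the destination name, and frames with other command codes are not filtered at all. First-match ordering, the implicit deny when nothing matches, the reduced `*`/`?` wildcard syntax, the sample frames and the unfiltered code 0x1F are assumptions made for illustration.

```python
from fnmatch import fnmatchcase

# Name field a NetBIOS host access list tests, per command code
# (mapping as stated in the reply quoted above).
FIELD_BY_COMMAND = {
    0x00: "source",       # ADD_GROUP_NAME_QUERY
    0x01: "source",       # ADD_NAME_QUERY
    0x08: "destination",  # DATAGRAM
    0x0A: "destination",  # NAME_QUERY
    0x0E: "destination",  # NAME_RECOGNIZED
}

def name_matches(pattern, name):
    # Assumption: only '*' and '?' wildcards, case-sensitive, padding ignored.
    return fnmatchcase(name.rstrip(), pattern)

def filter_frame(acl, command, source, destination):
    """Return (verdict, field_tested) for one frame against an ordered ACL.

    acl is a list of (action, pattern) tuples; the first match wins.
    """
    field = FIELD_BY_COMMAND.get(command)
    if field is None:
        return "pass-unfiltered", None  # not one of the filtered commands
    name = source if field == "source" else destination
    for action, pattern in acl:
        if name_matches(pattern, name):
            return action, field
    return "deny", field  # assumption: implicit deny when nothing matches

# The list from the question: netbios access-list host server permit server*
SERVER_ACL = [("permit", "server*")]

# Constructed sample frames: (command, source name, destination name)
SAMPLE_FRAMES = [
    (0x01, "server01", ""),          # server01 checking its own name
    (0x01, "client7", ""),           # client7 checking its own name
    (0x0A, "client7", "server01"),   # client looking for a server
    (0x0A, "server01", "client7"),   # server looking for a client
    (0x08, "client7", "serverX"),    # datagram addressed to a server name
    (0x1F, "client7", "server01"),   # command outside the filtered set
]

def run_samples():
    return [filter_frame(SERVER_ACL, *frame) for frame in SAMPLE_FRAMES]

if __name__ == "__main__":
    for frame, result in zip(SAMPLE_FRAMES, run_samples()):
        print("cmd=0x%02X src=%-9s dst=%-9s -> %s" % (*frame, result))
```

Under this model the same list permits name-registration frames only from `server*` stations, while for NAME_QUERY, NAME_RECOGNIZED and DATAGRAM it permits only frames addressed to `server*` names, so neither of the two readings in the question holds for every frame type.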