[ previous ] [ next ] [ threads ]
 From:  Lee Sharp <leesharp at hal dash pc dot org>
 To:  "m0n0wall at lists dot m0n0 dot ch" <m0n0wall at lists dot m0n0 dot ch>
 Subject:  Re: [m0n0wall] Howto workaround new NetBIOS vuln.
 Date:  Tue, 29 Dec 2009 14:09:49 -0600
Quark Group - Hilton Travis wrote:
> G'day Richard,
> Totally - configuring *your* DHCP Server to disable NetBIOS won't do diddly squat to protect a
laptop in a public area or hotel and the Microsoft article referred to doesn't take that into
consideration at all.  Also, hoping the AP in the Hotel you're staying in - unless it is one in
which you maintain the Wi-Fi setup - has client isolation enabled is like hoping the drunk girl you
slept with at that party the other night that you can almost remember some of didn't have an STI -
it isn't a good nor reliable way of staying safe.  :)
> Disabling "Automatically detect settings" on any laptops you support will ensure this NetBIOS
attack won't work on them, however it then relies on the Hotel knowing what the settings are for any
proxies - which REALLY should be transparent proxies if the truth be told!  :)

Hiton, I was the OP, and I am the hotel. :)  And I am not trying to fix 
the problem.  I am just trying to make "all reasonable efforts" and cut 
down on my support issues.  Also shutting off NetBIOS would clean up the 
logs a bit as it is a chatty damn protocol.


PS: User mode isolation only works if you have 1 AP.  You can stilol see 
everyone on the other APs.