Re: MS Client Binding on External NIC
From: Wesley Kendall [MSFT] (a-wesk_at_online.microsoft.com)
Date: 11/30/04
- Next message: Frederic Grosdaillon: "Re: Using RIS and /connectcomputer on a SBS server"
- Previous message: Eddie McGlone: "OWA on SBS 2000 Newbie"
- Next in thread: Merv Porter [SBS-MVP]: "Re: MS Client Binding on External NIC"
- Reply: Merv Porter [SBS-MVP]: "Re: MS Client Binding on External NIC"
- Messages sorted by: [ date ] [ thread ]
Date: Tue, 30 Nov 2004 13:46:41 GMT
>Hi Wesley,
>
>> The ISA firewall service will protect the client for MS networks from the
>...
>
>What about with SBS 2003 Standard? I note that the Client for MS networks
>is also checkmarked on the external NIC on those systems as well. Will the
>Basic Firewall protect Client for MS Networks as well as ISA?
The following is straight from the product group:
"We don't touch this more in the manner of "we don't disable it" rather
than "we purposely make sure it's enabled".
We do disable File and Printer sharing on the external NIC to prevent
shares and printers from being shared externally, which is probably what
people think this is.
Think of it this way, File and Printer sharing is the "Everyone on the
Internet can access me" one, while Client for Microsoft Networks is "I can
access everyone [that's listening] on the Internet" one.
Disabling Client for Microsoft Networks is probably a defense-in-depth
measure we could do, but I'm not exactly sure how much protection that buys
the customer, especially on Standard or Premium machines that allow all
outbound access."
In other words, disabling the Client for Microsoft Networks on the external
NIC prevents you from doing a "net use * \\<internet IP>" to a file share
somewhere on the internet (or DMZ).
Thanks!
-- Wesley Kendall Small Business Server Product Support This posting is provided "AS IS" with no warranties, and confers no rights. Get Secure! http://www.microsoft.com/security ===================================================== When responding to posts, please "Reply to Group" via your newsreader so that others may learn and benefit from your issue. =====================================================
- Next message: Frederic Grosdaillon: "Re: Using RIS and /connectcomputer on a SBS server"
- Previous message: Eddie McGlone: "OWA on SBS 2000 Newbie"
- Next in thread: Merv Porter [SBS-MVP]: "Re: MS Client Binding on External NIC"
- Reply: Merv Porter [SBS-MVP]: "Re: MS Client Binding on External NIC"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
