Office of Information Technology Networking and Telecommunications Services
Networking and Telecommunications Services
NTS HOME OIT HOME U MD HOME FOR ASSISTANCE

Forms

NetBIOS Traffic Blocked From Entering the University Network

In order to reduce the exposure of the University to attacks against various vulnerabilities associated with Microsoft Networking, OIT will begin filtering NetBIOS and SMB packets (TCP ports 135, 139, and 445. UDP ports 137 and 138) at the borders of the University Network. For residence hall networks, this block will go into place on August 27th. For the remainder of the campus, the block will take effect on September 2nd.

This block will affect those who use Microsoft Networking or Samba to access the files on their campus desktop or file server from locations outside of the campus network. It also affects those who access remote files using these same methods from the campus network. This action does not affect a vast majority of users of the University Network. This block does not affect users of the OIT Dialup services or file sharing traffic between buildings at the University.

Factors prompting this action include:

  • Over 200 separate incidents involving the hijacking of campus Windows systems via Microsoft Networking services have occurred thus far during 2002.
  • An average of 200,000 intrusion attempts per week from outside the University Network probing for vulnerable systems.
  • Tools to exploit Microsoft Networking weaknesses are readily available from websites dedicated to assisting would-be intruders.
  • It is becoming common for Windows systems on-campus to be scanned and compromised from off-campus during the installation process prior to the installation of necessary update packages.
  • Numerous NetBIOS probes of off-campus sites from the University network have been observed exposing the University to potential liability issues.
  • Microsoft Networking is increasingly a target of virus writers. The Klez virus that has infected well over 500 computers at the University this year uses Microsoft Networking as one if its infection vectors.

    Those users who have a need to use these protocols from outside of the campus network may do so by utilizing a Virtual Private Network connection. See http://www.helpdesk.umd.edu/vpn for more information on OIT's VPN Service.

    If you have questions about this action, please contact the OIT Help Desk at (301) 405-1500 or helpdesk@helpdesk.umd.edu.


    • University of Maryland, College Park This page is maintained by Networking and Telecommunications Services.
    Questions and comments should be sent to: webmaster@noc.umd.edu
    © 2001 University of Maryland
    Last Modified: Monday, August, 12, 2002