Link to home
Start Free TrialLog in
Avatar of IT-Trygve
IT-Trygve

asked on

How to Block Netbios solution

Hi, hope anyone can give me a great tips for this ...


Configuration:

1 ZyWall 5
Clients one one subnet : 192.168.6.0/24
The ZyWall is DHCP server too..


Problem:

My problem is that the clients can see other computers in My Network Places, and they can then share software etc..
I want to block this so they only have access to Internett and email and thats it...

I have configured the ZyWall with firewall rules that block port 137 - 139 but I am not able to block this traffic..

Does anyone have any solution for this, or can you give me a tips of other solutions/products etc

Thank you for the help  =)

Trygve
ASKER CERTIFIED SOLUTION
Avatar of Frabble
Frabble
Flag of United Kingdom of Great Britain and Northern Ireland image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
I would not worry too much about other clients on your local area network seeing other computers.  To prevent file sharing, just remove all shares on all the computers.  You might want to un-bind `Microsoft File and Printer Sharing` from the computer's network adapter, but be careful with the latter option.

You didn't state if this is a workgroup network or a client/server network?  If it's a client/server network, are you using Active Directory if Windows 2000 or better?

Also, your computers?  Windows XP, 2000, 98, ME, 95?  What operating systems are you using on your computers?
If the problem is strictly on your internal network then the ZyWall firewall will not be able to vet the data traffic.  It can only vet data traffic flowing through the firewall appliance.
Avatar of pgm554
That has nothing to do with the firewall unless they are on the other side of the gateway.

As long as M$ file and printer sharing is enabled on the desktops,you will not be able to block it.
So every desk top that has M$ file and printer sharing will need to have it turned off or uninstalled.
You could disable the Server service in the Services applet of the control panel on each computer.
... but read up on the subject of disabling the server service, just in case that action has any other side effects.