Even worse there are some utilities which can scan an entire subnet and attach to any share it finds. We use a filter to stop this and assign it on a user by user basis via RADIUS. Jeff Binkley ASA Network Computing U> Which is essentially the reason for wanting a user filter, I have U>people bouncing around in each others Network Neighborhoods. While U>instruction would be better 98% of my customer traffic will never need U>to use CIFS. The small proportion that might should be running VPN U>anyway. Also if someone needs it I can drill a hole for them. U> It's pretty much a reaction to bad press here due to the Cable U>Access providers. They had a rash of people getting directory listings U>of customer hard drives and emailing them to their customer base. U>Things like bank account balances and indexes of their porn U>collections <sigh>. U> So basicly I get to be my brothers keeper..... U> Regards, U> Steve U>> If you're talking windows machines you gotta be carefull about ports U>> 137-139. Windows does ALL access to the outside world through those U>> 3 ports. If you filter them you will most likely sever any U>> connection it tries to make. U>> U>> Paul Farber U>> Farber Technology U>> farber@admin.f-tech.net U>> Ph 570-628-5303 U>> Fax 570-628-5545 U>> U>> On Thu, 25 Nov 1999, Steve Sherwick wrote: U>> U>> > Well I'm playing around again... U>> > I am attempting to install a user filter to suppress the flow U>of CIFS U>> > (SMB) communications through the HiPer ARC. My intent is to U>> > control the filters behavior by way of RADIUS and the U>> >Framed-Filter-Id= reply item. U>> > I understand the technology portion of it but getting the U>> > nuances is kinda slowing me down. U>> > I understand I need to create a named filter (In this case I U>named it U>> > NOCIFS) which I have managed to do with HARM. This is the filter. U>> > #filter U>> > IP: U>> > 1 REJECT udp-src-port = 137; U>> > 2 REJECT udp-src-port = 138; U>> > 3 REJECT udp-src-port = 139; U>> > I'm making the assumption that unlike many routers you may U>selectively U>> > Reject without having to allow everything else again. U>> > According to the minimal documentation I've found there has to U>> > be a NOCIFS.IN and a NOCIFS.OUT file in the ARC for this to work. U>HARM however U>> > does not allow you to create a named filter with an extension. U>> > Does it create an in and an out automagically?? Or how does one do U>this??? In other U>> > words, how does HARM differentiate an In from an Out??? U>> > I'm fairly sure I can fool around with the CLI and get this to U>fly but U>> > the HARM should be able to handle it. U>> > Anyway, am I even close to getting this to run <grin>.... U>> > Regards, U>> > Steve Sherwick U>> > - U>> > To unsubscribe to usr-tc, send an email to U>> > "majordomo@xmission.com" with "unsubscribe usr-tc" in the body of U>> > the message. For information on digests or retrieving files and U>> > old messages send "help" to the same address. Do not use quotes U>> >in your message. U>> U>> U>> - U>> To unsubscribe to usr-tc, send an email to "majordomo@xmission.com" U>> with "unsubscribe usr-tc" in the body of the message. U>> For information on digests or retrieving files and old messages U>> send "help" to the same address. Do not use quotes in your U>> message. U>- U> To unsubscribe to usr-tc, send an email to "majordomo@xmission.com" U> with "unsubscribe usr-tc" in the body of the message. U> For information on digests or retrieving files and old messages send U> "help" to the same address. Do not use quotes in your message. CMPQwk 1.42 9999 - To unsubscribe to usr-tc, send an email to "majordomo@xmission.com" with "unsubscribe usr-tc" in the body of the message. For information on digests or retrieving files and old messages send "help" to the same address. Do not use quotes in your message.