Would disabling NetBIOS traffic kill connections to network shares?
Just read your suggestion to use IPsec and filters to disable NetBIOS traffic
if you're not the only admin in your organization. Wouldn't this also have the effect of killing connections to network shares and other resources that depend on NetBIOS naming systems? I would think this could cause even more havoc if it was implemented across a user base, instead of (presumably) on individuals' own workstations.
This is a valid concern and why I mention the need for planning before implementing these policies. You can also use IPsec to set up "exception lists" to allow your administrative workstations to access NetBIOS shares for administration and maintenance, while blocking attempts from other potentially unauthorized machines.
This was first published in June 2003