Hello,
since I am a quite satisfied customer of Outpost I convinced the company I am working for to do a little test of it in our LAN. I installed the Outpost Pro V2.5 Trial Version on a laptop which is connected to our LAN via Ethernet.
As soon, as Outpost started I got hundreds of messages of Netbios traffic being blocked... that was not at all directed to the computer I was working on!
The machine had the IP address 172.24.92.112 (Subnet 255.255.248.0). However the Outpost log was full of these messages (the first IP address is the destination IP of the packet). As you can see the IP of my computer is nowhere to be seen!
16:03:05 SYSTEM IN REFUSED UDP 255.255.255.255 2301 172.24.91.63 2301 Packet to closed port
16:03:05 NETBIOS IN REFUSED UDP 172.24.95.255 138 172.24.95.23 138 Block NetBIOS
16:03:04 NETBIOS IN REFUSED UDP 172.24.87.255 138 172.24.82.5 138 Block NetBIOS
16:03:04 NETBIOS IN REFUSED UDP 172.24.95.255 138 172.24.91.228 138 Block NetBIOS
16:03:04 NETBIOS IN REFUSED UDP 172.24.95.255 138 172.24.94.222 138 Block NetBIOS
16:03:04 NETBIOS IN REFUSED UDP 172.24.95.255 137 172.24.92.65 137 Block NetBIOS
16:03:04 NETBIOS IN REFUSED UDP 255.255.255.255 138 172.24.180.122 138 Block NetBIOS
AGETI : Messages : 6358-6387 of 8996::
would make a Third World War fought over dwindling energy reserves unnecessary. was seen to dance in the sky by thousands of awestruck onlookers who
http://groups.yahoo.com/group/AGETI/messages/6358?xm=1&m=e&l=1HOME |
16:03:03 NETBIOS IN REFUSED UDP 172.24.87.255 137 172.24.86.156 137 Block NetBIOS
16:03:03 NETBIOS IN REFUSED UDP 172.24.183.255 137 172.24.181.173 137 Block NetBIOS
16:03:03 NETBIOS IN REFUSED UDP 172.24.87.255 137 172.24.84.221 137 Block NetBIOS
16:03:03 SYSTEM IN REFUSED UDP 255.255.255.255 2301 172.24.183.108 2301 Packet to closed port
Why does Outlook care about packets that are not destined for the computer it is running on? I don't understand this. I had a log of over 4,000 entries for only a few minutes and I didn' manage to stop it from doing so. I even changed the LAN setting to the IP address it was running on, but that didn't change anything.
I stopped my test and went back to ZoneAlarm which never logs packets that are not meant for the computer it is running on.
Does anyone know if that can be changed?
Regards,
Frank Schwab
Hello xformer,
Are you using OutPost in a Lan if not you can disable netbios.
They will be logged as success, or logged as rejected - fortunatately Outpost has had log size control since 2.1
I wonder if there is any way to reduce the volume of broadcast traffic? - a cleaner LAN will be a faster LAN.
http://www.shadowsupport.com/winsnbns.html
Using Wins or a suitable replacement, is supposed to reduce or eliminate the broadcast traffic used for discovery.
Shadow's NBNS eliminates NetBIOS broadcast traffic.
Without a NetBIOS Name Server, PCs can find one another only by broadcast techniques. But broadcast packets waste CPU cycles and generally are not usually forwarded through IP routers. IPserver's NBNS provides a central repository where stations go to register themselves and to look for their peers, eliminating the broadcast traffic associated with NetBIOS services.
Oops,
I just saw it: All the destination addresses end in ".255", i.e. they are broadcast messages which actually match the network submask of my machine and as such are of course meant for the machine Outpost is running on.
Sorry for bothering you. Seems like Outpost is telling things going on in the network that ZoneAlarm is hiding.
Frank
Hello GoonMan,
as I wrote in my original post I wanted to test Outpost in my company's LAN. I need NetBIOS for file and printer sharing. I must say that I am quite shocked by the sheer amount of broadcasts and multicasts in our LAN. Over 4.000 in just a few minutes. Wow...
172.24.95.255This is a broadcast to *all* the computers on your network, including yours. To see if a message is destined for it your computer does a compare between the address in the packet and its address. If all the binary 1s compare then the packet is for it. The 255 has all the binary bits set: therefore *any* computer on your network will match when it compares the 1s. The general term for this is multicast.
 Where's The Advantage In Windows Genuine Advantage?
 Stocks Bounce After S&P Joins Bear Market
|
