ISA Server 2000 unexpectedly allows NetBIOS traffic from all external IP addresses after you configure a packet filter to allow "NetBIOS (all)" traffic from a specific external IP address (897177)


The information in this article applies to:

  • Microsoft Internet Security and Acceleration Server 2000

SYMPTOMS

Assume the following scenario. In Microsoft Internet Security and Acceleration (ISA) Server 2000, you create a packet filter that has the following configuration.
SettingValue
Namename
Filter modeAllow packet transmission
Filter typeNetBIOS (all)
Local computerDefault IP addresses for each external interface or IP address of an external interface
Remote computerOnly this remote computer::IP address
When you enable this packet filter, ISA Server allows NetBIOS traffic from the remote IP address as you expect. However, ISA Server also allows NetBIOS traffic from all other remote IP addresses.

You expect NetBIOS traffic to be blocked from all IP addresses except from the IP address that you specified in the IP packet filter.

RESOLUTION

To resolve this issue, download and install the MS05-034 security update. For more information about this update, visit the following Microsoft Web site:

http://www.microsoft.com/technet/security/bulletin/MS05-034.mspx

STATUS

Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.

MORE INFORMATION

For more information, click the following article number to view the article in the Microsoft Knowledge Base:

824684 Description of the standard terminology that is used to describe Microsoft software updates

Modification Type:MinorLast Reviewed:7/8/2005
Keywords:kbBug kbfix kbQFE KB897177 kbAudITPRO
©2004 Microsoft Corporation. All rights reserved.