Marines

HomeNewsMessagesMessages Display

RESTRICTION OF NETBIOS 0N THE MCEN SIPRNET
Date Signed: 8/16/2006 | MARADMINS Number: 384/06
PRINT
MARADMINS : 384/06

R 160829Z AUG 06
FM CMC WASHINGTON DC(UC)
TO AL MARADMIN(UC)
UNCLASSIFIED//
MARADMIN 384/06
MSGID/GENADMIN/CMC WASHINGTON DC C4 IA//
SUBJ/RESTRICTION OF NETBIOS 0N THE MCEN SIPRNET//
REF/A/MSGID:DOC/DOD INST 8551.1/YMD:20040813//
REF/B/MSGID:DOC/DOD PORTS AND PROTOCOL LIST/-/200606//
REF/C/MSGID:MSG/JTF-GNO/222040ZJUN2006//
POC/RAY A LETTEER/GS-15/HQMC C4 IA/-/TEL:DSN 223-3490
/TEL:COMM 703-693-3490/EMAIL:RAY.LETTEER@USMC.MIL//
POC/MARIA S THOMPSON/MGYSGT/HQMC C4 IA/-/TEL:DSN 223-3490
/TEL:703-693-3490/EMAIL:MARIA.THOMPSON@USMC.MIL//
GENTEXT/REMARKS/REF A IS THE PORTS, PROTOCOL AND SERVICES (PPS)
MANAGEMENT PROGRAM.
REF B IS THE DOD PORTS, PROTOCOLS AND SERVICES ASSURANCE
CATEGORY ASSIGNMENT LIST THAT PROVIDES TECHNICAL GUIDANCE ON
CONFIGURATION SETTINGS FOR KNOWN COMBINATIONS OF PPS FOR DOD
INFORMATION SYSTEMS THAT ARE VISIBLE TO DOD MANAGED NETWORK
COMPONENTS.
REF C IS JTF-GNO COMMUNICATIONS TASKING ORDER 06-12.
GENTEXT/REMARKS/1. THE PURPOSE OF THIS MESSAGE IS TO CLARIFY
MARINE CORPS POLICY ON THE USE OF FILE SHARING PROTOCOLS AND
SERVICES TO INCLUDE, BUT NOT LIMITED TO: NETBIOS, SERVER MESSAGE
BLOCK (SMB), COMMON INTERNET FILE SYSTEM (CIFS), AND FILE TRANSFER
PROTOCOL (FTP) ACROSS THE MARINE CORPS ENTERPRISE NETWORK (MCEN)
SECRET INTERNET PROTOCOL ROUTER NETWORK (SIPRNET).
2. BACKGROUND.
A. THESE PROTOCOLS AND SERVICES ALLOW APPLICATIONS ON INDIVIDUAL
COMPUTERS TO COMMUNICATE. TYPICALLY FILE SHARING SERVICES AND
PROTOCOLS ARE USED TO ENABLE FILE AND PRINT SHARING CAPABILITIES
ON A LOCAL AREA NETWORK. WHEN THESE PROTOCOLS AND SERVICES ARE
USED TO COMMUNICATE OUTSIDE OF THE LOCAL ENCLAVE THEY ALLOW OTHERS
CONNECTED TO THE INTERNET, ACCESS TO MACHINES WITH THESE PROTOCOLS
AND SERVICES ENABLED.
B. RECENT SCANS OF THE SIPRNET HAS SHOWN CONTINUOUS USE OF THESE
FILE SHARING PROTOCOLS AND SERVICES ACROSS THE MCEN SIPRNET. THIS
ROUTINE USE OF THESE FILE SHARING PROTOCOLS AND SERVICES (EXAMPLE
NETBIOS) EXPOSES THE NETWORK TO UNACCEPTABLE VULNERABLITY LEVELS.
3. POLICY
A. THE USE OF FILE SHARING PROTOCOLS AND SERVICES EXTERNAL TO THE
MCEN SIPRNET IS STRICTLY PROHIBITED. FILE SHARING PROTOCOLS AND
SERVICES ARE AUTHORIZED ONLY WHEN CONFINED TO THE LOCAL ENCLAVE
(BASE, POST,STATION)AND DOES NOT CROSS SIPRNET BOUNDARIES OR
ENCLAVES UNLESS APPROVED BY THE MCEN DAA.
4. QUESTIONS MAY BE DIRECTED TO THE POCS CITED.//