NetBIOS communication protocal
In modern day networks it seems that many attacks come from an open NetBIOS port. NetBIOS uses a variety of ports for certain communications here they are listed below.
1. Port 137 NetBIOS name resolution
2. Port 138 NetBIOS browsing and logon
3. 139 NetBIOS file and print sharing using (SMB)
NetBIOS is an outdated protocol that is used on networks prior to server 2003 although it is still available for those that have a need for backwards compatibility with older printers and Operating systems prior to XP. If, you have a network printer or computer running any of the above specifications you can isolate them on the network instead of keeping the NetBIOS protocol wide open. Many administrators are tempted to keep NetBIOS from running at all on anything over windows 2003 and on. This is not a bad idea, except there may be just a couple of side effects.
The domain and active directory create trust relationships called forests on each server. So, if you are a user and you are accessing the options on one forest you may not necessarily have access to any additional resources that you need on another. They solved this more with windows server 2003 by allowing the network admin to create a two way trust relationship between common forest active directory groups. NetBIOS for some reason is still Microsoft’s protocol to create these trust relationships between groups even though it has been outdated and no longer officially supported. But, if you are a small company with only a small network then you probably only have one domain so trust issues should not be an issue. The main issue is if you do not need to have it over come then the best thing to probably do is to turn NetBIOS off completely to secure your network holdings.
Disable NetBIOS on the DHCP server
To disable NetBIOS on a DHCP server take the following steps.
1. Choose start>programs>admin tools> then click DHCP
2. Look on the right hand side and you should see the server name (expand it by hitting the Plus)
3. Then right click on Scope options and then left click Configure options.
4. Choose the advanced tab, and in the drop down menu choose windows 2000 option in the vendor class list.
5. Click the 001 Microsoft Disable NetBIOS option check box, under available options
6. Finally at the bottom of the box says data 0x1 change it to read 0x2 then click ok to close.
Then on the clients (which most should have defaulted to anyway) Configure the DHCP client to enable the DHCP server to determine NetBIOS behavior
Windows XP, Windows Server 2003, and Windows 2000
1. In your control panel look for My network Places and click on it to open the windows
2. Once the window is open you will see a list of your adapters right click your network adapter
3. Look for TCP/IP settings on internet protocol.
4. Choose advanced option (and click the WINS tab at the top)
5. There should be an option listed for NetBIOS and choose to allow DHCP to set or choose disable.
Windows 7 and Vista
1. Click start and control panel.
2. Choose network connection in control panel.
3. On the left hand side of window there are a couple of different options choose the option to change adapter settings.
4. Click the option TCP/IPv4 ( TCP/IPv6 does not have NetBIOS option)
5. Choose advanced and the WINS tab
6. Choose the option you wish to use either from DHCP server or you can disable it all together on the client
- Network Topology Diagram
Having a detailed network topology as a network administrator can be very cruicial in locating and resolving network issues. There are many ways to create a network diagram. Here are some ways to build a detailed network topology
- 10 Core Fundamentals every Network Administrator Should Know
There are many tools available to network administrators. But, with so many tools which ones are absolutely needed to run your network? So, here are the essential “10 Core Networking concepts” every network admin should know.
- Advanced Format HardDrives
This is the newest technology in relation to data storage. This drive is available now and can store huge amounts of data with unparalleled performance
- Computer Security Tips & Tricks
There are many concerns when it comes to computer security. Many have no idea where to start the process of protecting their computer. There are several things that you can do to help prevent viruses, hackers, and other malicious programs from infect
More by this Author
El Salvador is rich in Historical, Cultural, and traditions that have helped shape not only El Salvador but the World.
Poverty in Brazil is one of the highest in the world lets explore why..
How to build the perfect dog house for your family friend. With all the comforts of home while he is out side to enjoy a new peaceful place your dog can call home
No comments yet.