Solved

NetBIOS over TCP/IP Question

Posted on 2003-11-22
6
231 Views
Last Modified: 2013-12-04
I've read an awful lot about how TCP/IP is a bad thing.  However, I haven't been able to find a definitive answer regarding how disabling TCP/IP over a mixed network will affect the network (if any).

For example, if I have a linux / Windows 2000 / Win NT network.

0
Comment
Question by:KABOOM
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 

Author Comment

by:KABOOM
ID: 9807612
Hmm, I realize how stupid this question sounds.  Let me re-state my question:

I've read an awful lot about how enabling NetBIOS TCP/IP is a bad thing.  However, I haven't been able to find a definitive answer regarding how disabling NetBIOS over TCP/IP over a mixed network will affect the network (if any).

For example, if I have a linux / Windows 2000 / Win NT network.
Basically, how crucial is netbios to networking?

Sorry about the question.  I'll do a better job of proofreading
0
 
LVL 13

Accepted Solution

by:
ocon827679 earned 25 total points
ID: 9811537
NetBIOS is a requirement of Windows operating systems before W2K.  All naming in pre-W2K Windows OS's was done with NetBIOS.  If you have per-W2K windows OS's then you would want to keep NetBIOS around in order for this OS's to use Windows network resources.  Once you get rid of your NT and bring everything to W2K or later you can try turning NetBIOS off.  However, some applications are NetBIOS enabled and you may not have a chioce but to keep NetBIOS for a while.
0
 
LVL 24

Assisted Solution

by:SunBow
SunBow earned 25 total points
ID: 9812012
Agreed.

NetBios comes from earlier NetOS's for computers to access each other on a LAN by using their computer name, not address. It is not meant at all for internet, never was, it should be non-routable, but that is what NetBios over TCP tries to do. This can permit a user to access a remote printer that is attached to a Windows machine in some far away place. The benefit, whatever that is, is superceded by the security problems incurred.

KABOOM> Basically, how crucial is netbios to networking?

MS> Port Requirements for the Microsoft Windows Server System
MS> http://support.microsoft.com/default.aspx?scid=kb;en-us;832017

I count 27 uses in the table for "NetBIOS Name Resolution" for even Server 2003, including the SMS server that is required to perform the updates for the vulnerabilities to which you infer.

KABOOM> find a definitive answer regarding how disabling NetBIOS over TCP/IP over a mixed network will affect the network (if any).

MS> http://www.microsoft.com/security/incident/blast.asp
MS> 1. Enable a Firewall

The common approach these days is to run a personal firewall, usually a ZoneAlarm, Sygate, or BlackIce (user preferred in that order) to block NetBios transmissions by its port #'s, especially towards the internet facing/front, yet leave a possibility for opening the port only for specifically approved addresses.

Answer: NetBios still provides crucial functions for MS SW, but it's implementation should be managed by firewalling the resources that use it.
0

Featured Post

2017 Webroot Threat Report

MSPs: Get the facts you need to protect your clients.
The 2017 Webroot Threat Report provides a uniquely insightful global view into the analysis and discoveries made by the Webroot® Threat Intelligence Platform to provide insights on key trends and risks as seen by our users.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Many people tend to confuse the function of a virus with the one of adware, this misunderstanding of the basic of what each software is and how it operates causes users and organizations to take the wrong security measures that would protect them ag…
OfficeMate Freezes on login or does not load after login credentials are input.
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

739 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question