• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 246
  • Last Modified:

NetBIOS over TCP/IP Question

I've read an awful lot about how TCP/IP is a bad thing.  However, I haven't been able to find a definitive answer regarding how disabling TCP/IP over a mixed network will affect the network (if any).

For example, if I have a linux / Windows 2000 / Win NT network.

0
KABOOM
Asked:
KABOOM
2 Solutions
 
KABOOMAuthor Commented:
Hmm, I realize how stupid this question sounds.  Let me re-state my question:

I've read an awful lot about how enabling NetBIOS TCP/IP is a bad thing.  However, I haven't been able to find a definitive answer regarding how disabling NetBIOS over TCP/IP over a mixed network will affect the network (if any).

For example, if I have a linux / Windows 2000 / Win NT network.
Basically, how crucial is netbios to networking?

Sorry about the question.  I'll do a better job of proofreading
0
 
ocon827679Commented:
NetBIOS is a requirement of Windows operating systems before W2K.  All naming in pre-W2K Windows OS's was done with NetBIOS.  If you have per-W2K windows OS's then you would want to keep NetBIOS around in order for this OS's to use Windows network resources.  Once you get rid of your NT and bring everything to W2K or later you can try turning NetBIOS off.  However, some applications are NetBIOS enabled and you may not have a chioce but to keep NetBIOS for a while.
0
 
SunBowCommented:
Agreed.

NetBios comes from earlier NetOS's for computers to access each other on a LAN by using their computer name, not address. It is not meant at all for internet, never was, it should be non-routable, but that is what NetBios over TCP tries to do. This can permit a user to access a remote printer that is attached to a Windows machine in some far away place. The benefit, whatever that is, is superceded by the security problems incurred.

KABOOM> Basically, how crucial is netbios to networking?

MS> Port Requirements for the Microsoft Windows Server System
MS> http://support.microsoft.com/default.aspx?scid=kb;en-us;832017

I count 27 uses in the table for "NetBIOS Name Resolution" for even Server 2003, including the SMS server that is required to perform the updates for the vulnerabilities to which you infer.

KABOOM> find a definitive answer regarding how disabling NetBIOS over TCP/IP over a mixed network will affect the network (if any).

MS> http://www.microsoft.com/security/incident/blast.asp
MS> 1. Enable a Firewall

The common approach these days is to run a personal firewall, usually a ZoneAlarm, Sygate, or BlackIce (user preferred in that order) to block NetBios transmissions by its port #'s, especially towards the internet facing/front, yet leave a possibility for opening the port only for specifically approved addresses.

Answer: NetBios still provides crucial functions for MS SW, but it's implementation should be managed by firewalling the resources that use it.
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now