Turning off netbios for all windows 7 workstations

Are there any well-known repercussions related to disabling NetBIOS for my workstations. There is a lot of broadcast chatter I’d like to eliminate. Also, many of the workstation firewalls are blocking UDP 138 and 137. This blocking combined with the broadcasts results in security logs that are being written to four times a minute per workstation. Quite a lot of work for nothing possibly?

I disabled netBIOS on one workstation and I’m not seeing any issues yet. Is it OK to disable it networkwide?
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Tom CieslikIT EngineerCommented:
If you will turn OFF NetBios on IPv4 configuration setup then this workstation will stop responding to PING command using a name and IPv4 protocol.

So if for example you have computer name CompA and CompB and you'll disable NetBios on CompA then if you try to PING CompA from CompB you will not get any response or you'll get response on IPv6 protocol only.
JohnMan777Author Commented:
Tom, is there anything else I should be concerned about other than the ping command failing?
Tom CieslikIT EngineerCommented:
I've tested it on my network and this was only issue I've noticed.

I still was able to access network share from computer with disabled NetBios and also I was able to get access to share folder on this computer.
I was able to connect to Exchange and Outlook is working OK.

It's hard to say and test everything but so fa I don't see any problems

Generally, NetBios is Microsoft Computer Browser Service and I'ts not used anymore for nothing but resolving IP to Name or Name to IP in networks without DNS.
Is far I know, in New networks it's not used anymore

The Five Tenets of the Most Secure Backup

Data loss can hit a business in any number of ways. In reality, companies should expect to lose data at some point. The challenge is having a plan to recover from such an event.

JohnBusiness Consultant (Owner)Commented:
I would not remove NetBIOS at this point from Windows 7 for the reasons Tom has noted above. If your Windows 7 are fully up to date (many are NOT), then the NetBIOS threat as been mitigated. I have NetBIOS running on my fully patched Windows 7 Virtual Machine and no harm has come from that.

In two years now, new machines won't even have BIOS let alone NetBIOS, so it will vanish soon enough and in the interim, Microsoft is patching systems.
Dr. KlahnPrincipal Software EngineerCommented:
I always disable NetBIOS as part of commissioning new systems and to date I have noticed no ill effects.

If it's not used, there's no reason to have it in; if it's in and not used, there is the potential for security issues.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
btanExec ConsultantCommented:
Unnecessary service should be disabled as default regardless if there is vulnerability or patched. The implication is minimal as long as all servuce is using DNS and in fact netbios is just a fallback strategy. But if your core service is down there is more resiliency issue than just netbios alone..you seldom will fall back to legacy service as contigency.

Having said that, actually it also largely depends on what you have in the machine as it is not just the OS but your application that you need to test out. Like for example, McAfee ePO has legacy issuebin domain syncing if netbios is disabled but mention alright for newer version as it does not use this legacy feature anymore. Rather than be concern on the client which there isnt much complications, your server need more testing as it ia likely to have legacy apps or service undergoing refresh. Plan out the phase out of netbios carefully with your owner and project team.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Software Firewalls

From novice to tech pro — start learning today.