Do you still have NetBIOS turned on on all of your workstations and servers in your corporate LAN?\u00a0 This old network protocol puts you at risk and should be killed without prejudice!<\/p>\n
There are quite a few reasons why NetBIOS is bad for your network.<\/p>\n
One of the major misconception about NetBIOS is the fact that people think that it has to be there in order for you to have a file share to serve files to your network users.\u00a0 That is actually not the case<\/a>.<\/p>\n NetBIOS uses these ports:<\/p>\n In actual fact, a workstation that tries to connect to a file share might start by trying using those ports.\u00a0 Windows will automatically fall back to using SMB, which is on port TCP 445.\u00a0 You might have heard of SMB (Server Message Blocks) and CIFS (Common Internet File System) in the same conversation.\u00a0 That’s because CIFS is actually a dialect of SMB<\/a>.<\/p>\n I found only two problems that you might run into if you disable NetBIOS.\u00a0 Another side effect is that this will affect trusts between forests<\/a>.\u00a0 This is definitely true for domains at the Windows 2000 functional level or even a Windows NT to Windows 2003 trust.\u00a0 In a simpler network with only one domain in your forest, this will not be an issue.<\/p>\n The other negative impact that I found is the fact that you no longer browse for computer in Network Neighborhood <\/em>(Windows 98) or Microsoft Windows Network<\/em> (Windows XP). When NetBIOS is enabled in your network, the master browser collects information about all the computers in the network.\u00a0 That information is then propagated every 12 minutes to all workstations.\u00a0 This can be displayed in the network neighborhood or using the NET VIEW command.\u00a0 In effect, this is how name resolution was done, by using the list maintained by the master browser. WINS is the other name resolution method in the NetBIOS world.\u00a0 This method is no longer used by Microsoft<\/a> OS since Windows 2000.<\/p>\n The best thing to do, is simply to eliminate NetBIOS.\u00a0 You probably won’t miss it.\u00a0 Most likely, if your network has more than a few computers in it, you are using DHCP.\u00a0 You can use DHCP to easily disable NetBIOS<\/a> on your workstations.\u00a0 In a smaller setting, you can change the configuration on each computer in your network by doing the following (instructions for Windows XP):<\/p>\n This method disables NetBIOS Session Service (which listens on TCP port 139). It does not disable NetBIOS completely.\u00a0 If you do not want to have SMB enabled, you can disable it all at once by using the following instructions:<\/p>\n This disables the SMB direct host listener on TCP\/445 and UDP 445.<\/p>\n Before you make such an important change in your network, you need to do some serious testing.\u00a0 This is especially true if you have a lot of different servers and applications.\u00a0 I intend to post again with the result of my testing and the effect that disabling NetBIOS had on our network.<\/p>\n In a Windows XP network, NetBIOS is on by default. There are some misconceptions regarding whether NetBIOS is required in order to have file sharing working. In fact, that is not the case. This post will explain what I found out when investigating the impact of removing NetBIOS from our corporate network.<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":[],"categories":[5],"tags":[35],"yoast_head":"\nFile sharing on your LAN<\/h2>\n
\n
The downside of disabling NetBIOS<\/h2>\n
How to deal with NetBIOS<\/h2>\n
\n
\n
Final Thoughts<\/h2>\n
Related links<\/h2>\n
\n