What's the purpose of having NetBIOS over TCP/IP?

Toggle sidebar Toggle sidebar
S

Steve309

Member
Feb 19, 2000
62
0
0
In the properties for the TCP/IP protocol there's a tab for NetBIOS where you can enable NetBIOS over TCP/IP. How would I know if I need to have it enabled? I only have a 2 computer network using TCP/IP for internet connection, file and printer sharing. Are there any downsides to having this enabled, such as security or performance? How would I disable it since my checkbox is greyed out? Thanks!
 
B

BCYL

Diamond Member
Jun 7, 2000
7,803
0
71
Go to Shields Up and look at their Network Bondage section, it has all the answers you are looking for...

In short, you dont want that box checked... What you want to do is use NetBeui for your internal LAN communication (ie. file and printer sharing), and TCP/IP only for internet connection sharing... The reason for this is, Netbeui is a non-routable protocol, so ppl on the internet wont be able to see the things that are connected to Netbeui... This gives you LAN more security...

Grc.com has all the instructions on how to do this, and gives great explanations...
 
S

Steve309

Member
Feb 19, 2000
62
0
0
Hmm, I didn't know I could have NetBUI for file and printer and use TCP/IP for internet sharing at the same time. Thanks for the tips, I've been to that site before but I'll have to check it out again.

Just out of curiousity, why would someone want to have NetBIOS over TCP/IP?

 
J

jsm

Banned
Oct 11, 1999
971
0
0
While NetBEUI is fine for local networks, it is not the best solution. It's packets are smaller and it is generally a slower protocol than IP. Honestly, if you are worried about security and using a protocol that is non routable, just use a private class of addresses (I know - classes are dead, CIDR is the way). Still, something like 192.168.0.x would be perfectly acceptable and non-routable.

I believe using NetBIOS over TCP/IP is for viewing other computers over network neighborhood. Windows (pre-2000) used NetBIOS names for machines (check out your LMHOSTS file). If you are not running Dynamic DNS, I would recommend turning on NetBIOS over TCP/IP internally.

As for your external connection, just turn off Workstation and Server services on your external NIC and you should be fine when it comes to NetBIOS based attacks. Oh, and block ports 137, 138 and 139 for added security and you should be that much safer. Good luck!
 
You must log in or register to reply here.

TRENDING THREADS

COMPANY
RESOURCES
FOLLOW
Top Bottom