Re: Blocking NetBios

From: faisyuet (faisyuet_at_wol.net.pk)
Date: 06/11/04

  • Next message: Ken Burns: "address sources for virus distribution?"
    Date: Fri, 11 Jun 2004 11:46:11 +0500 (PKT)
    To: "Kareem Mahgoub" <kareem@thewayout.net>
    
    

    Hi Kareem,

    If the clients are using DHCP, then you need to check few things:

    1) See if WINS is running. If it is there, then uninstall it (Make sure to check any dependency applications first)

    2) Disable Netbios setting in DHCP if any.

    3) Disable Wins settings in DNS Server properties if there are any. (Win20000 DNS)

    4) Shared folder on a network are managed by Computer Browser Service. You have to disable the Computer Browser Service on that network. Make sure it is disabled on each & every system. You can do that by using Group Policy. In service disable the startup of Computer Browser Service.

    5) In the NIC properties of each system, go to TCPIP Properties > Advanced > then go to WINS tab. Check the radio button 'Disable Netbios over TCPIP'

    After this excercise, network would go blind. There would be no system displaying in the network neighbourhood. But user can use the full UNC path of a share folder to access it.

    Regards
    Faisal Masood
    Lahore

    On Thursday, June 10, 2004 at 11:21:03 AM, Kareem Mahgoub wrote:

    > Hi list,
    > I have a request from one of our clients to block NetBios in thier Network
    > ( No one should be able to see the shared resources of others)
    > I have googled around and all what I have found is blocking it on the edge
    > communication equipment ( router, xDSL modemd..etc) Which will be done.
    > The most important thing is to disable it internally ( inside the LAN)
    > Any suggestions???
    > Taking in consideration that there is DHCP server for the clients ( If it
    > can contribute in the Solution)
    > Best Regards,
    > Kareem Mahgoub
    >
    faisyuet
    e-mail: faisyuet@wol.net.pk

    ---------------------------------------------------------------------------
    Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off
    any course! All of our class sizes are guaranteed to be 10 students or less
    to facilitate one-on-one interaction with one of our expert instructors.
    Attend a course taught by an expert instructor with years of in-the-field
    pen testing experience in our state of the art hacking lab. Master the skills
    of an Ethical Hacker to better assess the security of your organization.
    Visit us at:
    http://www.infosecinstitute.com/courses/ethical_hacking_training.html
    ----------------------------------------------------------------------------


  • Next message: Ken Burns: "address sources for virus distribution?"