Re: user list

From: Steven Umbach (n9zrou_at_nscomcast.com)
Date: 11/21/03

  • Next message: Steven L Umbach: "Re: user list" 
    Date: Fri, 21 Nov 2003 04:21:08 GMT

    I have never tried disabling netbios over tcp/ip that way. Their reference to
    disabling netbios over tcp/ip in wins is correct - you also need to disable file
    and print sharing on that nic to stop smb over port 445 as they state. I just
    wanted to make sure that you did not disable the tcp/ip netbios helper service
    as it will cause problems like dns malfunctioning. I don't know much about
    Exchange, which may be complicating your ability to harden the server. You may
    want to post those issues at an Exchange newsgroup. I think your best bet is to
    use a firewall that blocks all inbound ports by default, and then you open only
    those ports needed for access. --- Steve

    "gazebo" <anonymous@discussions.microsoft.com> wrote in message
    news:003701c3afdf$ed141530$a001280a@phx.gbl...
    > thanks Steve,
    >
    > I follow the doc provided by MS.
    > http://msdn.microsoft.com/library/default.asp?
    > url=/library/en-us/dnnetsec/html/THCMCh16.asp
    > In step 4, To disable NetBIOS over TCP/IP
    >
    > According to that, disabling at the WINS tap is not
    > sufficient.
    >
    > Gazebo
    >
    > >-----Original Message-----
    > >Where did you disable nebios over tcp/ip? - do not
    > disable the tcp/ip
    > >netbios helper service as problems will occurr. Nebios
    > should be disabled in
    > >network adapter properties\/tcp/ip\advanced\wins. Did
    > you try just
    > >disabling file and print sharing? --- Steve
    > >
    > >"gazebo" <anonymous@discussions.microsoft.com> wrote in
    > message
    > >news:0b7501c3af49$f4f360d0$a101280a@phx.gbl...
    > >> I tried to disable netbios over TCPIP on DNS and
    > exchange
    > >> server. It turned out that DNS cannot be started. And
    > >> exchange server reported some services not started as
    > well.
    > >>
    > >> Is it the case?
    > >>
    > >> >-----Original Message-----
    > >> >You do not need them for dns or IIS/FTP. --- Steve
    > >> >
    > >> >"gazebo" <anonymous@discussions.microsoft.com> wrote in
    > >> message
    > >> >news:063901c3ae60$080ae110$a101280a@phx.gbl...
    > >> >> But do I need those services for property operations?
    > >> such
    > >> >> as IIS, DNS, FTP
    > >> >>
    > >> >> Gazebo
    > >> >> >-----Original Message-----
    > >> >> >Easily done via a null session if you have file and
    > >> print
    > >> >> sharing enabled on
    > >> >> >your network adapter connected to the internet and
    > you
    > >> do
    > >> >> not have a
    > >> >> >firewall or it is improperly configured. Go to
    > >> >> http://scan.sygatetech.com/
    > >> >> >for a basic vulnerability scan and see if sirens go
    > off
    > >> >> about netbios ports
    > >> >> >being open to the world. There are free personal
    > >> >> firewalls available for
    > >> >> >personal use. A firewall is only one component in
    > >> >> securing a network
    > >> >> >however. --- Steve
    > >> >> >
    > >> >>
    > >>
    > >http://www.webattack.com/Freeware/security/fwfirewall.shtm
    > >> >> l
    > >> >> >http://www.microsoft.com/security/protect/
    > >> >> >http://securityadmin.info/faq.asp#harden --- From
    > the
    > >> >> FAQ.
    > >> >> >
    > >> >> >"gazebo" <anonymous@discussions.microsoft.com>
    > wrote in
    > >> >> message
    > >> >> >news:04fb01c3adc1$bfe8bc20$a601280a@phx.gbl...
    > >> >> >> Is it possible that some external parties retrieve
    > >> the
    > >> >> >> user list through the internet? If so, how to
    > avoid
    > >> it?
    > >> >> >>
    > >> >> >> It seems that my server's user list has been
    > >> retrieved
    > >> >> by
    > >> >> >> some unknown parties and every night there are
    > >> repeated
    > >> >> >> logon attempts every few secs using the local user
    > >> >> lists.
    > >> >> >> (failed so far)
    > >> >> >>
    > >> >> >>
    > >> >> >
    > >> >> >
    > >> >> >.
    > >> >> >
    > >> >
    > >> >
    > >> >.
    > >> >
    > >
    > >
    > >.
    > >

  • Next message: Steven L Umbach: "Re: user list"

    Relevant Pages

    • Re: Reminder When turning off services
      ... Driver and your not familiar with this. ... An example of disabling a driver would be disabling the well known Netbios ... lan connections tcp/ip settings then under advanced tcp/ip under the Wins tab ...
      (microsoft.public.windowsxp.network_web)
    • Re: NetBios over TCP/IP
      ... and see if you have NetBIOS over TCP/IP connectivity. ... (disabling the wirelees which I do not use at home). ... I can see other computers on my network, but they can not see me. ...
      (microsoft.public.windowsxp.network_web)
    • Re: NetBios over TCP/IP
      ... laptop (the one that has NetBios over Tcp/IP disabled. ... (disabling the wirelees which I do not use at home). ... I have enable NetBIOS over TCP/IP but ipconfig /all shows NetBIOS over ...
      (microsoft.public.windowsxp.network_web)
    • Re: NetBios over TCP/IP
      ... and see if you have NetBIOS over TCP/IP connectivity. ... (disabling the wirelees which I do not use at home). ... I can see other computers on my network, but they can not see me. ...
      (microsoft.public.windowsxp.network_web)
    • Re: Disabling NetBIOS and LMHOSTS Lookup
      ... Under 'LAN or High Speed Internet' of the 'Network Connections' ... window click once on 'Internet Protocol '. ... In the 'Advanced TCP/IP Settings' window click on WINS. ... hopefully unchecking means disabling and not choosing it to be ...
      (microsoft.public.windowsxp.general)