Information Technology Reference
In-Depth Information
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\
NetBT\Parameters\Interfaces\Tcp_
{<Interface GUID>}
\]
"NetbiosOptions"=dword:0 (to use DHCP settings)
"NetbiosOptions"=dword:1 (to enable NetBIOS over TCP/IP)
"NetbiosOptions"=dword:2 (to disable NetBIOS over TCP/IP)
Using VBScript
This code enables NetBIOS over TCP/IP.
' ------ SCRIPT CONFIGURATION ------
strComputer = "."
Const DEFAULT = 0
Const ENABLED = 1
Const DISABLED = 2
' ------ END CONFIGURATION ---------
Set objWMIService = GetObject("winmgmts:" _
& "{impersonationLevel=impersonate}!\\" & strComputer & "\root\cimv2")
Set nics = objWMIService.ExecQuery _
("SELECT * FROM Win32_NetworkAdapterConfiguration WHERE IPEnabled = True")
For Each nic in nics
intNetBT = nic.SetTCPIPNetBIOS(ENABLED)
If intNetBT = 0 Then
WScript.Echo "Success! NetBIOS over TCP/IP enabled!"
ElseIf intNetBT = 1 Then
WScript.Echo "Success! NetBIOS over TCP/IP enabled, please reboot."
Else
WScript.Echo "Error! Unable to enable NetBIOS over TCP/IP."
End If
Next
How It Works
While Microsoft has gone to great lengths to increase the security of Windows Server 2003
compared to previous versions of the operating system, the NetBIOS ports (TCP 135, 137, and 139)
remain well-known attack vectors that are often used by malicious users to exploit Windows
systems. Because of this, disabling NetBIOS traffic wherever possible will increase the overall
security of your Windows Server 2003 network.
Windows Server 2003 has largely rendered NetBIOS obsolete by replacing it with
direct
hosting
, which operates on TCP port 445 and uses DNS for name resolution instead of relying
on WINS or NetBIOS broadcasts. If you are not supporting any clients or applications that
require NetBIOS name resolution, you can increase the security of your Windows Server 2003
computers by disabling NetBIOS over TCP/IP and forcing your client and server computers to
utilize direct hosting.
