Page 1 of 2 12 LastLast
Results 1 to 10 of 11

Thread: Common Network/PC Threat: NetBIOS Hack

  1. #1
    Banned
    Join Date
    Sep 2002
    Posts
    108

    Common Network/PC Threat: NetBIOS Hack

    Hello and Welcome to my first and probably only (I'm not a good tutorial writer at all, sorry) tutorial here at AntiOnline. This one will be about the Common Attack of NetBIOS and will directed to mostly newbies. Well, I'm not going to bore you any longer, let's get down to buisness!

    **NetBIOS Attack and History**
    NetBios, for one, is short for Network Basic Input/Output System and was made and developed by IBM and Sytek as an API (Application Programming Interface used to access LAN (Local Area Network) resources. It short duke, it is used to access network services. PC's on a NetBIOS LAN communicate either by establishing a session or by using NetBIOS datagram or broadcast methods. The communication in these enviroments when two computers share a netbios session is in a format called NCB (Network Control Blocks). The "allowance" so to speak of these blocks of memory is made and depended on by the user program. Now, NetBIOS names are names used to indetify resources on a network/pc. Applications use names to start/end netbios sessions. To start or view servers registered NetBIOS names and services, go to your DOS promt or Go to Start>Run> and type cmd. At the Prompt, type this:

    nbtstat -A [ipaddy]

    Now, you will get a table similar to this:


    Name Number Type Usage
    ==========================================================================
    <computername> 00 U Workstation Service
    <computername> 01 U Messenger Service
    <\\_MSBROWSE_> 01 G Master Browser
    <computername> 03 U Messenger Service
    <computername> 06 U RAS Server Service
    <computername> 1F U NetDDE Service
    <computername> 20 U File Server Service
    <computername> 21 U RAS Client Service
    <computername> 22 U Exchange Interchange
    <computername> 23 U Exchange Store
    <computername> 24 U Exchange Directory
    <computername> 30 U Modem Sharing Server


    Now, generally, when you are being attacked, people will be looking for number 20, which would indicate you have file/print sharing enabled which inturn can give them access to your files within minutes. To protect from this is simple. Go to start>settings>controlpanel>network, and from their you will see File and Print Sharing. Click that and simple uncheck "I want to give other's access to my files" and Uncheck " I want to be able to let others print from my printer(s). Exit that, restart, and now you have File Sharing disabled. It's not that hard, but sometimes OS's have that ticker checked by default. A simple two minutes it takes to protect yourself from this kind of attack.**

    I hope everyone liked this short (very short) tutorial on the Common Attack of NetBIOS, their will be another tutorial(s?) with similar common attacks. I'll be working on them but with school, work, football, and the weekend plans, it'll be hard. Hoped you enjoyed and learned, Common_Exploit

  2. #2
    Junior Member
    Join Date
    Oct 2002
    Posts
    2
    In Windows XP (maybe others too, not sure) to enable or disable sharing you have to right click on the drive that you don't want to be shared and click the sharing tab to disable or enable sharing.

    P.S. I'm sure you already knew but oh well.

  3. #3
    Banned
    Join Date
    Sep 2002
    Posts
    108
    Ohh, good point. Sorry, right now I'm on WinME and I was basing it on what I was doing for my friend a few minutes ago on the WinMe Machine. Your right though, I'm sorry I forgot to add this.

  4. #4
    Senior Member
    Join Date
    Sep 2001
    Posts
    1,027
    This has been explained many times already and in greater details (on both sides, ie: hacker/defence)...
    Search the previous tutorials/archives...

    Ammo
    Credit travels up, blame travels down -- The Boss

  5. #5
    Senior Member
    Join Date
    Apr 2002
    Posts
    324
    Nice first tut - keep 'em coming!
    \"I may not agree with what you say, but I will defend to the death your right to say it.\"
    Sir Winston Churchill.

  6. #6
    Senior Member
    Join Date
    Jun 2002
    Posts
    352
    NetBIOS (Network Basic Input/Output System), originally developed by IBM and Sytek as an Application Programming Interface (API) for client software to access LAN resources, has become the basis for many other networking applications.
    PC's on a NetBIOS LAN communicate either by (1) establishing a session or by using NetBIOS (2) datagram or (3) broadcast methods.
    All communication in a NetBIOS environment is presented to NetBIOS in a format called Network Control Blocks (NCB).The allocation of these blocks in memory is dependent on the user program.
    NetBIOS names are used to identify resources on a network. Applications use these names to start and end sessions.
    Is it just me or do these quotes resemble the "tut" a bit too much. I found all these here. Why didnt you just name the thread "How to turn off file/print sharing for newbies?" Waste of space!
    \"When I give food to the poor, they call me a saint. When I ask why the poor have no food, they call me a communist.\" -- Dom Helder Camara

  7. #7
    Banned
    Join Date
    Sep 2002
    Posts
    108
    Hrmm.. Well, this tutorial is mine and I wrote it myself. I don't deal with anything involving stealing other's idea's or anything like that because of the same thing happening to me. As you can see, my tutorial wasn't like those words you wrote, they were much alike because NetBIOS isn't the the kind of thing that changes how it works and whatnot.

  8. #8
    Originally posted here by Common_Exploit
    I don't deal with anything involving stealing other's idea's or anything like that because of the same thing happening to me.

    You stole my old RedHat signature you lying bastard! How dare you!? Because of your total lack of imagination I had to spend hours thinking of a new one...It's a little hard to be imaginative when my tired old brain is alcohol damaged...

    I'm sure everyone remembers my "RedHat- Because re booting is for adding new hardware" signature...


    Anyway, I shall not forget.......

  9. #9
    Banned
    Join Date
    Sep 2002
    Posts
    108
    Lmfao! Hey, C_K, what can I say? I love RedHat. Btw, I have seen 4 people at AO that use the RedHat logo as a sig. Weird comments too. I liked yours, can you please put it back?

  10. #10
    Banned
    Join Date
    Sep 2001
    Posts
    852
    a quick look through the tutorials index would have seen 2 tuts writen on the same subject alot more in depth by me and sorry but your tut is to close to that link that Mahakaal posted
    some links that are interesting for you
    http://www.antionline.com/showthread...hlight=netbios

    http://www.antionline.com/showthread...hreadid=228778
    from windows

    http://www.antionline.com/showthread...hreadid=228798
    from linux took me 10 seconds to find them

    my liver is safe
    rioter

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •