Closing the backdoor on NetBIOS
Results 1 to 7 of 7

Thread: Closing the backdoor on NetBIOS

  1. #1
    Some Assembly Required ShagDevil's Avatar
    Join Date
    Nov 2002
    Location
    New Jersey
    Posts
    718

    Closing the backdoor on NetBIOS

    I did some research recently and found out about NetBIOS. Apparently this software created by microsoft leaves your computer vunerable to hackers online. I have decided to remove what they call "NetBIOS to TCP/IP binding" from my computer and have noticed through my firewall software (Outpost), that not only have my open ports dropped significantly, but the Attack Detection has basically quieted down dramatically as well. The whole reason I did this was I noticed that Outpost treated these NetBIOS connection attempts as possible attacks. I wondered why this was happening and hence, did the research. It almost seems that NetBIOS is useless unless you are using a LAN/WAN scenario. Is this true?




  2. #2
    Senior Member
    Join Date
    Sep 2001
    Posts
    1,027
    <despare>Erhh!! </despare>

    Yes... and this has been mentionned COUNTLESS TIMES ALREADY.
    Please, please search/read the archives/forums before posting (now isn't to late either...)

    Ammo

    PS: Oh and by the way, MS didn't invent NetBIOS, IBM did...

    Credit travels up, blame travels down -- The Boss

  3. #3
    King Arana: Super Moderator
    Join Date
    Oct 2002
    Posts
    4,055

    Re: Closing the backdoor on NetBIOS

    Originally posted here by ShagDevil
    I did some research recently and found out about NetBIOS. Apparently this software created by microsoft leaves your computer vunerable to hackers online. I have decided to remove what they call "NetBIOS to TCP/IP binding" from my computer and have noticed through my firewall software (Outpost), that not only have my open ports dropped significantly, but the Attack Detection has basically quieted down dramatically as well. The whole reason I did this was I noticed that Outpost treated these NetBIOS connection attempts as possible attacks. I wondered why this was happening and hence, did the research. It almost seems that NetBIOS is useless unless you are using a LAN/WAN scenario. Is this true?




    Heh, take ammo's advice next time. Yes, NetBIOS (Network Basic Input/Output System) was created by IBM, not Microsoft. Secondly, it is probably the easiest way to remotely access another computers files, which would probably be why your attack detection is lower. Many people do nbt scans to see if you have the service/port open. That would explain why the attack detection is lower, IMHO.

    As for the LAN (Local Area Network) comment, yes, generally NetBIOS was meant for networked computers on a LAN or WAN to access each other's files easily. However, their is an exploit for it (obviously) so that is that. So yeah, unless you have a network, you should not have netBIOS open. Even if you do, use a strong password and/or install netbeui for the network. Hope I helped!
    Space For Rent.. =]

  4. #4
    Senior Member
    Join Date
    Aug 2002
    Posts
    239
    Ahh don't worry ShagDevil. Newbies (including me) are sometimes anxious to post...

    Agnitum's default setting I believe blocks NetBIOS. NetBIOS is more of DoS vuln. than a hacker threat. True, hackers or kiddies can scan via NetBIOS for shares, even if they are hidden.
    But more dangerously, a malicious person can down your system if your really vulnerable. Beware of the OOB nuke...........
    It\'s 106 miles to Chicago, we\'ve got a full tank of gas, half a pack of cigarettes, it\'s dark and we\'re wearing sunglasses.

    Hit it!

  5. #5
    King Arana: Super Moderator
    Join Date
    Oct 2002
    Posts
    4,055
    Showtime8000> you have an excellent point, however most systems these days aren't vulnerable against the OOB Nuke. It can still happen of course, just rarely.
    Space For Rent.. =]

  6. #6
    Some Assembly Required ShagDevil's Avatar
    Join Date
    Nov 2002
    Location
    New Jersey
    Posts
    718
    The help is much appreciated. And I think I understand now, it was IBM, not Microsoft. I worded my post incorrectly when I said 'created'. Yes, I shall be more weary next time around as I'm only just starting around these parts. I still appreciate the help though. Thanks
    The object of war is not to die for your country but to make the other bastard die for his - George Patton

  7. #7
    Banned
    Join Date
    Dec 2002
    Posts
    394
    yeah! thanx for the post and all the replys that explain so much for me as a newbie
    fairly new to security issues.
    --------------------------------------
    phaza :-*

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides