-
November 16th, 2002, 09:56 PM
#1
Closing the backdoor on NetBIOS
I did some research recently and found out about NetBIOS. Apparently this software created by microsoft leaves your computer vunerable to hackers online. I have decided to remove what they call "NetBIOS to TCP/IP binding" from my computer and have noticed through my firewall software (Outpost), that not only have my open ports dropped significantly, but the Attack Detection has basically quieted down dramatically as well. The whole reason I did this was I noticed that Outpost treated these NetBIOS connection attempts as possible attacks. I wondered why this was happening and hence, did the research. It almost seems that NetBIOS is useless unless you are using a LAN/WAN scenario. Is this true?
-
November 16th, 2002, 11:28 PM
#2
<despare>Erhh!! </despare>
Yes... and this has been mentionned COUNTLESS TIMES ALREADY.
Please, please search/read the archives/forums before posting (now isn't to late either...)
Ammo
PS: Oh and by the way, MS didn't invent NetBIOS, IBM did...
Credit travels up, blame travels down -- The Boss
-
November 17th, 2002, 01:33 AM
#3
Re: Closing the backdoor on NetBIOS
Originally posted here by ShagDevil
I did some research recently and found out about NetBIOS. Apparently this software created by microsoft leaves your computer vunerable to hackers online. I have decided to remove what they call "NetBIOS to TCP/IP binding" from my computer and have noticed through my firewall software (Outpost), that not only have my open ports dropped significantly, but the Attack Detection has basically quieted down dramatically as well. The whole reason I did this was I noticed that Outpost treated these NetBIOS connection attempts as possible attacks. I wondered why this was happening and hence, did the research. It almost seems that NetBIOS is useless unless you are using a LAN/WAN scenario. Is this true?
Heh, take ammo's advice next time. Yes, NetBIOS (Network Basic Input/Output System) was created by IBM, not Microsoft. Secondly, it is probably the easiest way to remotely access another computers files, which would probably be why your attack detection is lower. Many people do nbt scans to see if you have the service/port open. That would explain why the attack detection is lower, IMHO.
As for the LAN (Local Area Network) comment, yes, generally NetBIOS was meant for networked computers on a LAN or WAN to access each other's files easily. However, their is an exploit for it (obviously) so that is that. So yeah, unless you have a network, you should not have netBIOS open. Even if you do, use a strong password and/or install netbeui for the network. Hope I helped!
-
November 17th, 2002, 02:18 AM
#4
Ahh don't worry ShagDevil. Newbies (including me) are sometimes anxious to post...
Agnitum's default setting I believe blocks NetBIOS. NetBIOS is more of DoS vuln. than a hacker threat. True, hackers or kiddies can scan via NetBIOS for shares, even if they are hidden.
But more dangerously, a malicious person can down your system if your really vulnerable. Beware of the OOB nuke...........
It\'s 106 miles to Chicago, we\'ve got a full tank of gas, half a pack of cigarettes, it\'s dark and we\'re wearing sunglasses.
Hit it!
-
November 17th, 2002, 02:25 AM
#5
Showtime8000> you have an excellent point, however most systems these days aren't vulnerable against the OOB Nuke. It can still happen of course, just rarely.
-
November 17th, 2002, 02:30 AM
#6
The help is much appreciated. And I think I understand now, it was IBM, not Microsoft. I worded my post incorrectly when I said 'created'. Yes, I shall be more weary next time around as I'm only just starting around these parts. I still appreciate the help though. Thanks
The object of war is not to die for your country but to make the other bastard die for his - George Patton
-
December 27th, 2002, 05:46 AM
#7
yeah! thanx for the post and all the replys that explain so much for me as a newbie
fairly new to security issues.
--------------------------------------
phaza :-*
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|