Security aspect NETBIOS guidence wanted
Results 1 to 8 of 8

Thread: Security aspect NETBIOS guidence wanted

  1. #1
    Senior Member
    Join Date
    Feb 2003
    Posts
    282

    Security aspect NETBIOS guidence wanted

    I have been researching NETBIOS and File, Printer shareing, and have some questions regarding security.

    I have two computers in which I wish to enable File and Printer shareing. I have searched google and found much information on this topic includeing how to do it. My concern is the security.

    The master computer has a broadband internet conection, and so my wory is an external threat thrying to take advantage of my file shares. I do not have a router, but I do have a software firewall in which I could configure only local access to file/ printer shareing.

    Is this enough, to filter all incomeing trafic, or is there a alternative for NETBIOS.

    It is my understanding NETBIOS is a protocol, so it would make sence for a third party protocol/service which alows files shareing. Is this avaialable because google does not provide me with any alternatives.

    Can someone please lend me some guidence?

  2. #2
    Junior Member
    Join Date
    Nov 2003
    Posts
    18
    If you are using internet connection sharing (only one PC is directly connected to the internet) then put a firewall like zonealarm on the gateway pc and and put the other pc in its trusted computers section, then set it to allow file and printer sharing only in the trusted zone. If on the other hand both are connected to the internet then just firewall them both and put each computer in the other ones trusted zone.

  3. #3
    Senior Member Zonewalker's Avatar
    Join Date
    Jul 2002
    Posts
    949
    which version of windows are you running? I ask because in addition to the above you could also use netBEUI instead of netBIOS. netBEUI is a non routable protocol and thus is slightly safer than netBIOS but will still allow file and print sharing.

    using it win win98/Me is easy - install it from the OS CD and remove netBIOS. This website should help (NOTE you do need to disable netBIOS to make yourself safer)

    http://www.practicallynetworked.com/sharing/netbeui.htm

    Sadly netBEUI is not supported by MS anymore for XP but I think it is still available on the WinXP CD (not sure about that but worth a look)

    ahh..just had a quick look..netBEUI is still available for XP...looky here

    http://www.winxpcentral.com/windowsxp/netbeui.php

    Z
    Quis Custodiet Ipsos Custodes

  4. #4
    Senior Member
    Join Date
    Feb 2003
    Location
    Memphis, TN
    Posts
    3,747
    Journy:

    I had a software firewall installed, (Norton), and I also had three PC's on a LAN. I had trouble getting my computers to connect to my shared drives on my PC with Norton. later I realized that I didn't have my computers in the trusted zone. Needless to say, I couldn't connect to it, I couldn't even ping that computer. I think that you should be pretty safe if you put up a firewall, and only allow local access to your shares.
    =

  5. #5
    Senior Member
    Join Date
    Feb 2003
    Posts
    282
    Thanks for all the replys, I do have Windows XP on the one machine, the master, and on the second it has 98. I am checking out the link on Netbeui for xp, it sounds promiseing.

    My software firewall I use called Kerio, has settings for the file printer shareing and to enable either local trusted access or external or both. Im gona read up some one this, but I should be safe then if the firewall blocks non-local computers?

    Only the one computer has the internet conection, but I am only wanting to share files and printers, no internet conection shareing.


    Those links are usefull, thank you very much.

  6. #6
    Senior Member
    Join Date
    Feb 2003
    Posts
    282
    Update: file/printer shareing is now setup sucessfully, currently under the NetBIOS protocol and as soon as I can get the NetBEUI to work I will make the switch. I initialy had problems geting it setup, but my mistake I believe was the guest account on XP was disabled, and possibly the NTFS filesystem, as I repartitioned and formated back to FAT32 for now.

    Once again thanks to everyone for all your help, my firewall is set up to block external access.

    BTW i am typeing this on the client machnine right now, and I thought I would need to buy an extra ip if I also wanted internet connection shareing but aparently not as I am on the internet.

  7. #7
    Senior Member Zonewalker's Avatar
    Join Date
    Jul 2002
    Posts
    949
    BTW i am typeing this on the client machnine right now, and I thought I would need to buy an extra ip if I also wanted internet connection shareing but aparently not as I am on the internet.
    you'd only need an extra ip if you connected your client up on a seperate line - basically your XP box is acting like a router/gateway so as far as you ISP is concerned you only have one computer connected to the net - I'm sure you have discovered this but just in case any newbie wanted clarification

    Z
    Quis Custodiet Ipsos Custodes

  8. #8
    Senior Member
    Join Date
    Feb 2003
    Posts
    282
    ahh, that makes sence. Thanks for this much needed explanation. It seemed strange that I had the internet on both but now I understand why.

    This has been a great learning experince. Still working on getting NetBEUI, but last night I installed it successfully, was not sure however which network connection to install it on, LAN1 or LAN2. I have much more to learn.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •