NetBiosSession

Printable View

February 20th, 2002, 02:23 PM
Dr Toker

NetBiosSession

Net Bios is a services that runs on port 139.I have seen it many times, when port scanning.
However, I have never been able to interact with this service,using a telnet/hyperterminal.

Questions: Do I need a client designed for NetBios sessions? Where can I find it?

Am I just not using the correct term type? What is the Term Type, how can I find it?

What programs are used with this service/port.....Netmeeting, ISP connection, ect... ???

This port often shows open on my local machine at home, should I be concerned about a security hole?

I am sorry if these are pretty vauge questions, but this is literally all I know about this peticular service. Any and all info would help me come to a better understanding of all of this.
February 20th, 2002, 02:44 PM
Guus

NetBIOS is a communications protocol, primairally used by windows clients to communicate amongst themselves - sharing drives or folders between windows machines is a common application for NetBIOS. If you want to make use of it through Linux you can use Samba, it can use the same protocol.

Lots of information here: http://www.webopedia.com/TERM/N/NetBIOS.html
February 20th, 2002, 02:46 PM
jcdux

more info on NetBIOS & NetBEUI can be found here

For full info and details go here

That should get you started

;)

J.
February 20th, 2002, 02:51 PM
souleman

NetBios (ports 138 and 139) are used by MS products originally. It is the port which runs SMB, the messaging protocol that allows Network Neighborhood to show all the computers on your network. If you are on a linux box, Samba will run SMB also. You can't interact wth it with telnet/hyperterm, because it doesn't run TCP/IP, it runs SMB.

You can disable the port by turning off SMB in your network settings, but then you won't have the ease of use an a home network (if you are running one). If you don't have a network, turn off the port. There is no need to have any ports running that you are not using, because any open port is an entry way into your computer.
February 20th, 2002, 02:57 PM
bimmer

as far as my information guide me, that the Net BIOS is a network protocol for windows.
and if u don’t have a NIC on ur machine , so it's not important.
but it's considered as a UDP with a very lousy security
February 20th, 2002, 03:21 PM
Maverick811

To further add to the information already given in this post, NetBIOS is huge security hole if not set up properly. If misconfigured, a machine running NetBIOS can leave itself wide open to anyone on the outside, giving full access to the drives on the exposed machine - I also view exploiting NetBIOS as one of the easiest 'hacks' anyone could do because of it's simplicity and how many users machines are exposed without their knowledge. Now I won't mention how these exploits work, but I will mention that some possible methods to help discourage this exploit are: passwording any shared drives or folders on your machine, running a hardware/software firewall that blocks access to port 139 from the outside, or turning off File sharing if a computer is not on a network.

Hope this helps...
February 20th, 2002, 03:39 PM
bimmer

for good info. about anything for Net BIOS and others try this man .

http://www.itpapers.com/index.html

enjoy.
February 20th, 2002, 03:54 PM
Dr Toker

Thanx for all the info guys. THis is what i have gathered.
NetBios= Windows networking/Filesharing. Protocal=SMB: ?Messenging Protocal?
Big ass security hole if you dont need it/know about it.

I need to disable it on my pc.
What network settings do I go to? Start>Settings>Control Panel>Network?
Or somewhere else?