NetBIOS?

I've never used NetBIOS and honestly don't really know what it is for. what can you do with it and how?

It would be easy for me to tell you to "Use the force" and go to http://www.google.com/search?sourcei...ient&q=netbios
But since you cant seem to find this information that is so very easy to aquire, I'm going to tell you what information I could come up with. I've fount 326,000 pages related to NetBIOS. Search took 0.26 seconds. One of the more informative links that caught my attention was this one:
http://cable-dsl.home.att.net/netbios.htm
It also has Netstat and Nbtstat commands and functions, all in one!!! Hope this helps,
Remote_Access_

Well, of course I've done searches, the force is strong with me. But what is the point of having a discussion forum if the only answer I can get to questions is "go to google.com"?
BTW what's everyones thing about google? What's so great about google?

Do NOT under ANY circumstances DOUBT the POWER of the WORLDS FASTEST search engine...plus, it's gotta cool logo.

Really though, just go to Google and sift through some stuff. But incase none of the texts talk about this one (Incase they want to look 1337 in anyway by not telling you this), the way to get into NetBIOS is by hitting F8 or Delete before the logo appears on a regular Windows Machine. Now read...hehehe.

1. do not talk bad about google.
2. do not talk bad about google.
3. seriously, go to google. it's the best.

NetBIOS is a network protocol (Just like TCP/IP is a bunch of network protocls) which is often used for windows file-sharing. You know, when you see computer in 'Network Neighborhood'? That's probably Netbios. (Although it can run encapsulated in other protocols at times.)

Anyway, NetBIOS is just the protocol for Windows machines (developed originally by IBM) for Windows Networking. That's sort of it. The usual ports associated with it are ports 137 to 139 on your computer. Unless you are sharing files or printers out so that other people on a home network can use them, it's probably a safe and good idea to block off any traffic to/from ports 137-139 on your computer.

If you *are* using those ports for some reason, it gets trickier, and any firewall rules or things-to-do depend on the situation.

NetBIOS is the SMB based higher level protocol used by microsoft networking, it is enabled by default on top of ipx or netbeui, but not on top of tcp/ip. Its the protocol that allows you to share files and printers and so on under the different windows operating systems.

If you enable netbeui on your machine for local networking, remove the netbios binding from tcp/ip altogether. Good idea to do it anyways :)

Any time you use the NET command under windows you are speaking through netbios of one sort or another.

cheers

Hi Pahkbel!

Good day to you! Aside from the good explanations stated above. You may want to check these two good links:
1. http://ourworld.compuserve.com/homep...s/contents.htm
2) http://huizen.dds.nl/~jacco2/samba/smb.html

Have fun! :)

[Quote] “I expect to pass through this life but once. Therefore, if there be any
kindess I can show, or any good thing I can do for another human being, let me
do it now, for I shall not pass this way again.”
-William Penn [/qoute]

netBIOS scan log:

Scanning range : 1*2.1*8.1.1-1*2.1*8.1.2*4

[23 computer(s) found .]

IP Address HostName UserName Operating System Server
1*2.1*8.1.2 KAVTS-9 ADMINISTRATOR Windows NT 4.0 Yes
1*2.1*8.1.3 EEC-SERVER EEC-SERVER Windows NT 4.0 Yes
1*2.1*8.1.6 COMP-TECH COMP-TECH Windows 2000 Yes
1*2.1*8.1.99 D32 DARLA Windows 2000 Yes
1*2.1*8.1.100 EEC5 EEC5 Windows 9x Yes
1*2.1*8.1.103 EEC4 EEC-STUDENT Windows 9x Yes
1*2.1*8.1.105 EEC2 EEC2 Windows 9x Yes

1*2.1*8.1.2 [ KAVTS-9 ] ( Windows NT 4.0 )

IP Address : 1*2.1*8.1.2
MAC : 00-*2-E3-*7-35-93
HostName : KA*TS-9
UserName : ADMINISTRATOR
LAN Manager : NT LAN Manager 4.0
Domain : VO-TECH-9
Resolved : KA*TS-9
Operating System : Windows NT 4.0

NETBIOS names (12)
KA*TS-9 - Workstation Service
KA*TS-9 - File Server Service
VO-TECH-9 - Domain Name
VO-TECH-9 - Domain Controllers
VO-TECH-9 - Domain Master Browser
VO-TECH-9 - Browser Service Elections
KA*TS-9 - Messenger Service
ADMINISTRATOR - Messenger Service
INet~Services - IIS
IS~KA*TS-9 - Workstation Service
VO-TECH-9 - Master Browser

__MSBROWSE__ - Master Browser

Open ports (5)
21 [ Ftp ]
80 [ Http ]
139 [ Netbios-ssn ]
443 [ HttpS ]
1080 [ Socks ]

use this...

http://members.tripod.com/~Gavin_Winston/NETBIOS.HTM

Great!
Thanks guys, all that has been a fantastic help.

I got this a couple of days ago from www.thenewbiesarea.com


" Gaining Remote axess to a Windoze box
By Ghostly Mayhem
e-mail: [email protected]

=====================================================
| K so I know thiz aint brain surgery and others |
| Have said it b4 but I want ever1 to know this |
| Even if it is the only thing they learn |
=====================================================

K so this will work as long as u have an internet connection and a little DOS proggy
called NBTSTAT.

So type "NBTSTAT/?" and if any help comes up then you are sweet, it says "bad command
or file name" then you need to instll NBSTAT just search the net and I guesss you
will phind it.

=============================================================================
K so go online then open a DOS window and then type "NBTSTAT -A (ip address)"
The possible responses are:

"Host not found" - if this comes up then the system can't be hacked
using this method.

Or you may recieve a table:

Name Type Status
------------------------------------------------------------------------
Billy Bob <20> UNIQUE Registered
Jimmy Bob <00> GROUP Registered
Moss machine <03> UNIQUE Registered



Okay see the little hex numbers? ie. <03>
if the number is 20 then it means that the lamer has file sharing on.


Okay type "edit"
now put in the ip address of your victem and press TAB
three times then the name from the left of the <20>

Save this in your C:\windows directory as LMHOSTS
=============================================================================
Okay to gain axess to their machine by fooling it you are on its network you ust first go to the control
panel and then into Network.
Now tell your computer you wish to allow file sharing and it will install some required drivers and tell
you to restart your computer.
NB. Turn off file sharing again and it won't delete the drivers. If you don't turn off file sharing your own
computer will be suceptable to this attack.
=============================================================================
K from here u can do 1 of two things the most basic being

Go to start menu\find\computer and tell it to phind the name that the computer was
labeled.

=============================================================================
Or if you can't do it this way

type in this:
c:\>net view \\[ipaddress]

u will see a list Choose 1
and then type this:
c:\>net use g: \\[ipaddress]\[sharename]

If this works, type :

c:\>cd g:

=============================================================================
Okay so if you wanna try testing a whole lot of putrs using a port scanner then you wanna scan
for an open port 139 cause that is the one used for file sharing this being open means that this
hack will probably work
=============================================================================

If u phind any kuel boxes then please send me the ip address
and if you need any help please e-mail me"

Hey: there is more outthere then Netbios
:)

If some1 is interested a list of the standard protocols on the net


Standard Protocols Ordered by STD

Mnemonic Title
------------------------------------------------------------------------
-------- Internet Official Protocol Standards
-------- Assigned Numbers
-------- Requirements for Internet Hosts - Communication
Layers
-------- Requirements for Internet Hosts - Application
and Support
-------- [Reserved for Router Requirements. See RFC 1812.]
IP Internet Protocol
ICMP Internet Control Message Protocol
--------- Broadcasting Internet Datagrams
--------- Broadcasting Internet datagrams in the presence
of subnets
-------- Internet Standard Subnetting Procedure
IGMP Host extensions for IP multicasting
UDP User Datagram Protocol
TCP Transmission Control Protocol
TELNET Telnet Protocol Specification
TELNET Telnet Option Specifications
FTP File Transfer Protocol
SMTP Simple Mail Transfer Protocol
SMTP-SIZE SMTP Service Extension for Message Size Declaration
MAIL Standard for the format of ARPA Internet text
messages
NTP [Reserved for Network Time Protocol (NTP).
DOMAIN Domain names - concepts and facilities
DOMAIN Domain names - implementation and specification
-------- [Was Mail Routing and the Domain System. Now
Historic.]
SNMP Simple Network Management Protocol (SNMP)
SMI Structure and identification of management
information for TCP/IP-based internets
Concise-MI Concise MIB definitions
MIB-II Management Information Base for Network Management of TCP/IP-based internets:MIB-II
EGP [Was Exterior Gateway Protocol (RFC 904). Now
Historic.]
NETBIOS Protocol standard for a NetBIOS service on
a TCP/UDP transport
ECHO Echo Protocol
DISCARD Discard Protocol
CHARGEN Character Generator Protocol
QUOTE Quote of the Day Protocol
USERS Active users
DAYTIME Daytime Protocol
TIME Time Protocol
TOPT-BIN Telnet Binary Transmission
TOPT-ECHO Telnet Echo Option
TOPT-SUPP Telnet Suppress Go Ahead Option
TOPT-STAT Telnet Status Option
TOPT-TIM Telnet Timing Mark Option
TOPT-EXTOP Telnet Extended Options: List Option
TFTP The TFTP Protocol (Revision 2)
RIP1 [Was Routing Information Protocol (RIP). Replaced
by STD 56.]
TP-TCP ISO transport services on top of the TCP:
Version 3
IP-FDDI Transmission of IP and ARP over FDDI Networks
ARP Ethernet Address Resolution Protocol: Or converting
network protocol addresses to 48.bit Ethernet
address for transmission on Ethernet hardware
RARP Reverse Address Resolution Protocol
IP-ARPA [Was BBN Report 1822 (IMP/Host Interface). Now
Historic.]
IP-WB Host Access Protocol specification
IP-E Standard for the transmission of IP datagrams
over Ethernet networks
IP-EE Standard for the transmission of IP datagrams
over experimental Ethernet networks
IP-IEEE Standard for the transmission of IP datagrams
over IEEE 802 networks
IP-DC DCN local-network protocols
IP-HC Internet Protocol on Network System's HYPERchannel:
Protocol specification
IP-ARC Transmitting IP traffic over ARCNET networks
IP-SLIP Nonstandard for transmission of IP datagrams
over serial lines: SLIP
IP-NETBIOS Standard for the transmission of IP datagrams
over NetBIOS networks
IP-IPX Standard for the transmission of 802.2 packets
over IPX networks
ETHER-MIB Definitions of Managed Objects for the Ethernet-
like Interface Types
PPP The Point-to-Point Protocol (PPP)
PPP-HDLC PPP in HDLC-like Framing
IP-SMDS Transmission of IP datagrams over the SMDS Service
POP3 Post Office Protocol - Version 3
OSPF2 OSPF Version 2
IP-FR Multiprotocol Interconnect over Frame Relay
RIP2 RIP Version 2
RIP2-APP RIP Version 2 Protocol Applicability Statement
SMIv2 Structure of Management Information Version
2 (SMIv2)
CONV-MIB Textual Conventions for SMIv2
CONF-MIB Conformance Statements for SMIv2
RMON-MIB Remote Network Monitoring Management Information Base SMTP-Pipe SMTP Service Extension for Command Pipelining
ONE-PASS A One-Time Password System

I did a little searching at this great place called Google and I fount a page that explanes NetBIOS. It even includes a couple of detailed models of maps and diagrams on how netBIOS werks. I thought it was a great source of information on netBIOS.

Remote_Access_

A point of interest regarding NetBios.

It is a non-routable protocol.

You need another protocol to enable WAN.

So it's strictly a client-server protocol eh?

Quote:

---

Originally posted by pakbehl
So it's strictly a client-server protocol eh?

---

Well, you can make a peer-to-peer lan for it, I believe. So it's not a strict client-server model unless you go into more arcane NT networking or something along those lines.