-
September 9th, 2001, 10:29 PM
#1
Secure Netbios?
Is there anyway that I could secure my netbios port? I mean against attacks? And peopel prom trying to steal the passwords?
I wanna be able to keep my filesharing enabled so I can use it from time to time, I mean I have a good firewall (Zone Alarm) And was wondering if there was another way to also secure the netbios?
-
September 10th, 2001, 05:14 AM
#2
You could either put big passwords on your shares, OR restrict it so that your shares only work on your LAN card, but not your modem. How are you using them?
[HvC]Terr: L33T Technical Proficiency
-
September 10th, 2001, 07:53 PM
#3
Well I'm using it over the internet to give shares to a person. I wish there was a way to just restrict it to an IP. I have my IIS going but it's not that great
-
September 10th, 2001, 11:47 PM
#4
Well, I'd suggest using a long (at least 8 char) password on the share, and perhaps with an underscore or something funky somewhere in it. If you have some sort of personal rule-based firewall, like Tiny's Personal Firewall or Conseal, you could block any incoming traffic to 137-139 (UDP and TCP) except for their address. Or if they have a dialup, the range of IPs they tend to have. It would cut down on risks by quite a bit, those two in tandem.
[HvC]Terr: L33T Technical Proficiency
-
September 11th, 2001, 12:54 AM
#5
Member
Uhm.. Why not filter the ports to outgoing traffic? A simple firewall will take care of that. Allowing only trusted hosts through. Not to mention (common sense) use better passwords.
Jason Parker - http://www.o-negative.net
o-Negative: Information Network
-
September 11th, 2001, 08:45 AM
#6
Junior Member
u can also not only a large pass but use caps like MiSsIsSipPi cause most crack prog use only reg font no caps and to run a crack prog that also use's caps takes to long to find a pass and most crackers loss intrest in 3 to 4 hours
-
September 11th, 2001, 06:23 PM
#7
Originally posted by jparker
Uhm.. Why not filter the ports to outgoing traffic? A simple firewall will take care of that. Allowing only trusted hosts through. Not to mention (common sense) use better passwords.
Didn't I just say that? (Except more of a recommendation on blocking incoming rather than outgoing NBT info)
[HvC]Terr: L33T Technical Proficiency
-
September 29th, 2001, 05:45 PM
#8
Member
u can also not only a large pass but use caps like MiSsIsSipPi cause most crack prog use only reg font no caps and to run a crack prog that also use's caps takes to long to find a pass and most crackers loss intrest in 3 to 4 hours
Netbios passwords are not case sensitive, and dont preserve fonts.
By the way,
Recently there was a bug discovered in the Netbios password authentication. Anyone exploiting that bug can crack the passwords at the rate of about 1 char/ 5 seconds in good conditions over dial-up. Hence making any password crackable in less then one minute.
If you dont believe me, then send me and IP address with protected shares (only works on Win95, 98, and ME boxes) and i'll give a demonstration.
I'd suggest using FTP instead.
It's not prefect, but its alot more secure then NetBios.
-8trak
-
September 29th, 2001, 06:49 PM
#9
Junior Member
NetBIOS...no thanks...
I suggest ripping it off and installing some third party sharing tool if you want to share files. NetBIOS is NOT safe and it never will be.
Heres how to rip it off completely:
http://www.geocities.com/jansson_markus/netbios.html
Markus
My privacy related homepage and PGPkeys:
http://www.markusjansson.net
-
September 29th, 2001, 07:50 PM
#10
I'd just only have it enabled on my network adapter, and not on my dialup adapter... Because I trust the people in my house.
[HvC]Terr: L33T Technical Proficiency
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|