This is what's called a NetBIOS null session or anonymous NetBIOS session. This allows people to enumerate all sorts of information from NetBIOS. There are many tools for enumerating NetBIOS accounts, shares, users, machines, policies and other information. The one I use is called enum.exe and will even perform a dictionary attack on the accounts it enumerates. This can be disabled through the "Local Security Policy" under the "Security" settings section by setting the "Additional Restrictions for Anonymous Connections" (there are a few options, I think) or as a domain security policy via the MMC from the PDC. The most relevant key is:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\
RestrictAnonymous:REG_DWORD:"1"

This will disable anonymous NetBIOS sessions. There are other values for this key in XP/2000 that allow more control, but they may break certain functionality with NT or 98 machines.


-Maestr0

EDIT: I hope 'they' aren't doing this from the internet. Allowing incoming NetBIOS connections from the internet is a big security risk; unless absolutely necessary, I would block all NetBIOS ports at the network perimeter.
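
An added example, not part of the original post: a PowerShell check that reads the RestrictAnonymous value named above on the local machine and, only when run with -Fix, sets it to 1 as the post describes. The function name, the output fields, and the treatment of a missing value as 0 are assumptions of this example.

```powershell
# Added example: audit (and optionally set) the RestrictAnonymous value from the post.
# Test-RestrictAnonymous and its output fields are hypothetical names.
function Test-RestrictAnonymous {
    [CmdletBinding(SupportsShouldProcess = $true)]
    param(
        # When present, write the value 1 (the setting given in the post)
        # if the value is missing or 0. Requires an elevated session.
        [switch]$Fix
    )

    $key  = 'HKLM:\SYSTEM\CurrentControlSet\Control\LSA'
    $name = 'RestrictAnonymous'

    # Read the value without failing when it does not exist.
    $current = (Get-ItemProperty -Path $key -Name $name -ErrorAction SilentlyContinue).$name

    # Assumption: an absent value is treated the same as 0 (no restriction).
    $effective = if ($null -eq $current) { 0 } else { [int]$current }

    if ($effective -eq 0 -and $Fix -and
        $PSCmdlet.ShouldProcess("$key\$name", 'Set REG_DWORD to 1')) {
        New-ItemProperty -Path $key -Name $name -PropertyType DWord -Value 1 -Force |
            Out-Null
        $effective = 1
    }

    # Return an object so results can be collected or exported.
    [pscustomobject]@{
        Computer   = $env:COMPUTERNAME
        Present    = ($null -ne $current)
        Value      = $effective
        Restricted = ($effective -ge 1)
    }
}

# Report only; add -Fix -WhatIf to preview the change, or -Fix to apply it.
Test-RestrictAnonymous
```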