Neo_diablos:

NOTE: You computer will not be able to share files on o network as a result of these modifications: If you need to be able to do this, skip down past "NetBIOS should effectively be disabled"

Disabling NetBIOS
On XP (Home or Pro), go to the properties for your network card or modem and make sure that "File and Printer Sharing" is not checked. Also, go to "Internet Protocol (TCP/IP)" and select properties. Select the "Advanced" button and then the "WINS" tab. Check the box beside "Disable NetBIOS over TCP/IP (it's about 3/4 the way down.) Click Apply and OK. Next, Go into "Control Panel" then "Administrative Tools" and then "Services"

Disable the following services: (the previous step should have done this for us, but it is always best to double-check )

TCP/IP NetBIOS Helper Service
Remote Access Auto Connection Manager
Simple Network Monitoring Protocol (if installed)
NOTE: SNMP isn't part of NetBIOS, but can be forced to divulge similar information if enumerated.

NetBIOS should effectively be disabled.

As an added measure, or if you need to be able to share files on a network, install a personal or hardware firewall and block TCP/UDP ports 135-139 and 445.

You might want to also take the time to harden the TCP/IP protocol stack a little further...this is not for the faint of heart as it involves modification of the registry. There are programs available that will do this for you, such as Tweak Manager.

These changes will make the computer less suseptable to DoS and SYN flooding, but performance may suffer....In my experience it has been un-noticeable.

Open your registry with regedit and find HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters

Create the following DWORD values and set them to the numeric value in quotes. If the DWORD value already exsists, just change the numeric value.

EnableDeadGWDetect = "0"
EnableICMPRedirect = "0"
EnablePMTUDiscovery = "0"
KeepAliveTime = "300,000"
NoNameReleaseOnDemand = "1"
PerformRouterDiscovery = "0"
SynAttackProtect = "2"

Restart Windows

After all this, search through the forums and learn how to disable the default accounts in XP, as well as give the "Administrator" and "Guest" accounts strong passwords. Also disablew remote assistance if you haven't already done so.


Hope it helps