Securing Netbios on Windows 98

Posted on March 12th, 2001 in Uncategorized by Jay

Microsoft is not known for it’s high security practices. As a result most people who run a Microsoft operating system have the security holes already built in. In this tip I’ll show how to add just a little more security to your Windows 98 setup.

If you are using file and printer sharing or any other service that depends on netbios you shouldn’t use this tip. If you are unsure you certainly shouldn’t bother. This procedure also requires registry editing and renaming of system files. Anytime you venture into the registry you risk rendering your system useless. Before following these instructions be sure you have all important files backed up.

To completely disable netbios in Windows 98, first open the Network Control Panel and make sure that File and Printer Sharing is uninstalled. Next go to C:\Windows\System and rename vnetbios.vxd to vnetbios_vxd. Now open regedit and navigate to the Key HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\VxD\VNETBIOS. Right click on the VNETBIOS key and choose delete. With you must restart to apply the changes. Once you restart if you open a DOS prompt and type netstat -a you shouldn’t see any netbios ports listening (ports 137-139).

Modified 2001-03-12

Securing Netbios on Windows 2000

Posted on March 8th, 2001 in Uncategorized by Jay

Microsoft is not known for it’s quality security practices. As a result most people who run a Microsoft operating system have the security holes already built in. In this tip I’ll show how to add just a little more security to your Windows 2000 setup.

If you are using file and printer sharing or any other service that depends on netbios you shouldn’t use this tip. If you are unsure you certainly shouldn’t bother.

Open the Network Control Panel. Then right click on your Local Area Connection and choose properties. The first step in securing netbios is to uninstall File and Printer Sharing if it is listed. This goes for any operating system and any protocol. If you don’t need a protocol then it’s just another security hole. The next thing to do is disable netbios over TCP. Click on Internet Protocol (TCP/IP) and choose properties. Next choose Advanced… and click the WINS tab. On this page uncheck Enable LMHOSTS lookup and choose Disable NetBIOS over TCP/IP. Click OK and if it asks you “This connection has an empty primary WINS address. Do you want to continue?” click yes. Click OK and OK and then close the control panel. You should reboot. Now any scanner looking for netbios information will turn up empty. One less hole.

Modified 2001-03-08