|
Posted by Steven L Umbach on September 28, 2005, 12:21 am
Please log in for more thread options
If you disable NBT your computer will no longer use ports 139 TCP, 137 UDP,
and 138 UDP. You will see that if you do a before and after using the
command netstat -an. My Network Places will no longer show computers and
network shares via the browse list, wins will not be used if the computer is
a wins client, and yes file and print sharing access will use only port 445
TCP.
In my opinion disabling NBT would have little impact on improving network
security other than creating some obscurity. There are much more important
things to do in the list of securing a network with enabling password
complexity and enforcing strong passwords being on top of the list and
taking advantage of technologies such as ipsec to secure sensitive servers
and data. NBT vulnerabilities got a lot of attention when the Hacking
Exposed type books started showing up and showed about how easy it was to
enumerate and logon to a network using NBT when it was NOT protected by a
firewall and weak or no passwords were used. The link below may be of
interest about NBT. --- Steve
http://support.microsoft.com/default.aspx?scid=kb;en-us;299977
> If NetBIOS over TCP is turned off on a workstation, will port 137 the
> NetBIOS Name Service be used at all?
>
> If NetBIOS over TCP is turned off, will file sharing from servers located
> through Active Directory take place only on port 445?
>
> Aside from making it impossible to do file sharing with older servers,
> will
> the the use of port 445 for file sharing give any greater level of
> security
> than using ports 138 and 139?
>
> --
> Will
>
>
| 
XML Sitemap