Onaran join:2012-11-10 Oakland, CA |
Onaran
Member
2014-Aug-21 3:57 pm
[XPPro] NetBIOS over TCP/IPCan this be uninstalled or disabled without losing use of printer? Different posts say different stuff. Some say it only stops printer sharing, others say it takes out all printers. I only have one PC so no interest in sharing, but I do need to use my inkjet & B&W laser printers. |
|
therube join:2004-11-11 Randallstown, MD |
I'm pretty sure that was a necessity for me - but ages ago. I would set it to the Default: setting & see all doesn't continue to work for you.
-> Use NetBIOS setting from the DHCP server... |
|
dave Premium Member join:2000-05-04 not in ohio |
to Onaran
Assuming you have TCP-connected printers, then ... it depends on the printer drivers. The port could be configured to locate the printer by name or by IP address. And if by name, then it depends on how name resolution happens.
My HP something-or-other uses IP address, though there's a reset-the-address program that finds it by some other magic which I have no looked into. My Brother laser, I'm not so sure.
Seems like your best bet is to disable it and try.
Though really, I'd just leave NBT enabled. Why do you care about this? |
|
|
to Onaran
You don't need it. It is a security risk. Disable it. From wikipedia: » en.wikipedia.org/wiki/Ne ··· r_TCP/IPquote: Two vulnerable network protocols are: the Server Message Block (SMB) protocol and NetBIOS over TCP/IP. Both services can reveal incredible amounts of detail and vital, security information about an exposed network. NetBIOS over TCP/IP and SMB provide recurring vectors for malicious attacks upon a network. Specifically, NetBIOS provides attackers with a means to map the network and also freely navigate a compromised intranet.
NetBIOS is effectively becoming a legacy protocol. NetBIOS was developed for non-routable LANs. NetBIOS effectively offers backwards compatibility for network devices that predate compatibility with DNS. Windows 2000-based, Client-Server networks - and later - do not require this insecure means of name resolving and addressing or navigating of network shares.
|
|
Wily_One Premium Member join:2002-11-24 San Jose, CA |
Wily_One
Premium Member
2014-Aug-21 11:43 pm
Well yes, but unless you're directly connected to the Internet, the only "risk" is from other computers on your LAN. DSL/Cable modems do not pass any of that traffic between your LAN and the outside by default. |
|
Mentat Premium Member join:2001-02-25 Houston, TX |
Mentat to dave
Premium Member
2014-Aug-22 12:35 am
to dave
said by dave:Why do you care about this? Steve Gibson strikes again! |
|
NormanSI gave her time to steal my mind away MVM join:2001-02-14 San Jose, CA TP-Link TD-8616 Asus RT-AC66U B1 Netgear FR114P
1 recommendation |
to Onaran
If you don't have multiple, networked computers, you don't need it. But current practice for residential ISPs is to block NetBIOS (some combination of ports 137, 138, and 139) and SMB (port 445). And NAT routers don't forward unsolicited packets. So the security threat is seriously mitigated anyway. |
|
NormanS |
to whizkid3
said by whizkid3:You don't need it. It is a security risk. Disable it. It has been at least ten years since I could poke around in my neighbors' networks. Residential ISPs have pretty much broken the ability to do those things. By policy. |
|
|
1 recommendation |
balur
Member
2014-Aug-22 12:08 pm
12 years ago I lived in a condo which had built in ethernet ports anda T1 to the Internet. It was amazing for the time... but there was no security, everyone plugged into the Ethernet was part of the same network.
One day while I was bored i wrote up a text file "You should disable File Sharing, here's how to do it" and dropped it into the startup folder of several peoples computers. |
|
1 recommendation |
to Onaran
If you are still using XP then this freeware will give you easy controls over NetBIOS and many other ways to harden your system. I've used it for years. Seconfig XP » seconfig.sytes.net/Or from Softpedia: » www.softpedia.com/get/Se ··· XP.shtml |
|
Onaran join:2012-11-10 Oakland, CA |
Onaran
Member
2014-Aug-26 5:59 pm
Thanks for the link. I looks mighty interesting, and maybe will do close to what grc website recommends! |
|
NormanSI gave her time to steal my mind away MVM join:2001-02-14 San Jose, CA TP-Link TD-8616 Asus RT-AC66U B1 Netgear FR114P
1 recommendation |
said by Onaran:Thanks for the link. I looks mighty interesting, and maybe will do close to what grc website recommends! I believe the GRC site recommends against having a static IP address, and configuring it with a rational rDNS name. The text below might uniquely
identify you on the Internet
Your Internet connection's IP address is uniquely associated with the following "machine name":
reki.aosake.net
The string of text above is known as your Internet connection's "reverse DNS." The end of the
string is probably a domain name related to your ISP. This will be common to all customers of
this ISP. But the beginning of the string uniquely identifies your Internet connection.
The question is: Is the beginning of the string an "account ID" that is uniquely and permanently
tied to you, or is it merely related to your current public IP address and thus subject to change?
I believe I can safely ignore some of the advice given there. BTW, the domain name has no relation to my ISP. |
|