Turning Off NetBIOS To Enhance Your Local Area Network Security!

NetBIOS is Microsoft’s API (Application Programming Interface) which is allowing older Microsoft’s software to communicate with each other over local area network.  From several sources that I had read from (you can find these sources’ web links right below this blog post), people are rarely using pure NetBIOS these days.  Even when people want to share Windows’ files over local area network, NetBIOS might rarely be used since Microsoft relies on newer protocol which is known as CIFS (Common Internet File System).  So, OK, CIFS’s core protocol SMB (Server Message Block) is designed to work on top of NBT (NetBIOS over TCP/IP), but nowadays people have ways to implement CIFS without the use of NBT.  One example would be how people have come to rely on Linux’s Samba module to provide Windows services for CIFS protocol.  Furthermore, newer NetBIOS version has ditched NetBIOS Session Service (i.e., for file and print sharing) as it’s inherently a security risk, and so CIFS’s core protocol SMB is now relying on SMB Direct to provide something similar to NetBIOS Session Service (i.e., essentially forgoing NBT) — this means NetBIOS has become even more less important.

So, in a nutshell, I believe you only need NetBIOS if you want to use computer names within local area network so you can use Windows file and print sharing services.  When turning off NetBIOS, you can still use Windows file and print sharing services through the use of local IP addresses (e.g., 192.168.x.x, 172.16.x.x).  Furthermore, people who know how to work with Linux can use Linux distributions to host Windows’ file and print sharing services (e.g., FreeNAS).

I think it’s a bad idea to run NetBIOS, because it’s just one more access point, open door, for hackers to exploit.  Even though your Windows computers are secure behind a router’s firewall, turning on NetBIOS can still be dangerous.  How come?  Computer users might have installed malware by accident, and these malware can still make contact with hackers from the outside since most regular routers’ firewalls (i.e., not enterprise type) might not be configured to detect outgoing data.  With this in mind, malware can be made to piggyback onto NetBIOS to further exploit the computers within a local area network.  So, turning off NetBIOS is like closing off this very possibility!  You can follow the instruction below to turn off NetBIOS on Windows 7.

  1. Go to Control Panel
  2. Go to Network and Internet
  3. Go to Network and Sharing Center
  4. In the left panel, click on Change Adapter Settings
  5. Right click on your local area connection and click on Properties
  6. Highlight Internet Protocol Version 4 (TCP/IPv4) and click on Properties button below
  7. Click on Advanced
  8. Click on WINS tab
  9. Make sure to pick/fill the radio button which labels as Disable NetBIOS over TCP/IP and click OK to exit/save

IPv6 doesn’t seem to have any relation with NetBIOS, therefore you don’t have to worry about disabling NetBIOS for IPv6.