How to disable NetBIOS in Windows?

Permanent link:

https://auditsquare.com/advisory/windows/how-to-disable-netbios

What is “NetBIOS”?

NetBIOS is an acronym for Network Basic Input/Output System. It provides services related to the session layer of the OSI model allowing applications on separate computers to communicate over a local area network. NetBIOS is used from 1984, but now is this API not needed anymore, although runs over TCP/IP via the NetBIOS over TCP/IP (NBT) protocol. NetBIOS provides three distinct services on ports 137-139. [Source: Wiki, DCIT]

Why is it a security issue?

Disabling NetBIOS protects your network from external attackers trying to exploit NetBIOS to find out information about your network. You also disable listing NetBIOS name tables and sessions for internal users and attackers.

How to fix it?

Using GUI

In Windows 7 use the following procedure and click:

  • Start – Control Panel – Network and Internet – Network Connections, choose network adapter and right click for Properties.
  • Find item “Internet Protocol Version 4 (TCP/IPv4)”
  • click Properties – Advanced – choose “WINS” tab and choose “Disable NetBIOS over TCP/IP”.

Disable NetBIOS

Notice:

  • You have to repeat this procedure for each network adapter.
  • In business environment you can use Microsoft DHCP server to send this option to your desktops (be sure, they are Windows 7 only).

Using a group policy

It is not possible to easy setup this policy in group policy. You can use some scripts, but it is over this manual (you can try to contact us).