NetBIOS over TCP/IP in Windows 2000 Server

Have you checked your keys lately? An intruder can get into your Windows 2000 Server system easily if you use NetBIOS over TCP/IP. Don't leave your servers unlocked—shut them down by following these steps.

The threat of crackers gaining access to your Windows 2000 Server systems and either stealing or destroying your data (or both!) is an ever-increasing possibility on this networked planet, despite your tight security. You use an internal subnet on unpublished IP numbers. The T1 goes to a firewall box that's connected to the Windows 2000 Server box running NAT. Remote Access isn't even used, and you've plugged up IIS. Even the FTP server doesn't allow unauthorized access from unqualified IP addresses.

Still, intruders can walk right in the front door if they have the key, and you can inadvertently give it to them, especially if you never use WINS. The trouble is that the default setting for NetBIOS over TCP/IP is on. Here's how to check:

  1. Go to Start | Settings | Network And Dial-up Connections and select the object that represents your connection to the Internet, whether it's connected directly or through a firewall.
  2. Click the Properties button to open a dialog and get the Properties for Internet Protocol (TCP/IP).
  3. Click Advanced in the bottom right-hand corner to switch to the WINS pane.
  4. In the lower half of the WINS pane are the NetBIOS Over TCP/IP options for this TCP/IP connection (which just happens to be directly connected to the Internet, likely with a static IP address). In its default setting, it allows TCP/IP to connect to NetBIOS on Port 139, a cracker's favorite. NetBIOS freely distributes plenty of information about the IP, domain name, and even your username (the aforementioned front door).
  5. Click the Disable NetBIOS Over TCP/IP radio button and click OK. This will take effect immediately.

Miss a column?

Check out the Windows 2000 Server archive, and catch up on the all the W2K Server columns.

Want more Win2K tips and tricks? Automatically sign up for our free Windows 2000 Server newsletter, delivered each Tuesday!

Editor's Picks