TCP/IP Network Configuration by Disabling NetBIOS in Windows 11

NetBIOS is an old technology, disabling NetBIOS makes communication in the network more secure, like other older technologies that also need to be turned off for security reasons.

NetBIOS is an old way for personal computers to communicate with each other over a network, created by IBM. This is an insecure way of sending information because it is not private, and does not work well for large networks because of the way it is organized.

Microsoft began using NetBIOS for its LAN Manager products in the late 1980s. Later, they added it to early versions of Windows and eventually to Windows NT. Although it has been made for a long time, what is surprising is that NetBIOS is still used and works in Windows 1 1 today.

Although NetBIOS has been used extensively in traditional Windows networking, it is increasingly being replaced by newer networking technologies such as Active Directory and DNS (Domain Name System). Since Windows 2000, DNS is the most commonly used way to find the names of computers on a Windows network.

NetBIOS is a tool used on Windows computers when DNS is not working. NetBIOS helps programs talk to each other without having to know about all the complicated network details or how to fix problems. NetBIOS works at level 5 of the OSI model, known as the session layer.

NetBIOS has risks and needs to be kept secure. Disabling NetBIOS keeps things safe, like other older technologies that also need to be shut down for security reasons.

If your network doesn’t have an old system, you should think about turning off NetBIOS on all computers, which is easy to do with DHCP. You can also turn it off on important file and print servers.

How NetBIOS Works

 NetBIOS’s job is to provide basic services that allow computers in a network to communicate with each other and share resources. Some of the common tasks performed by NetBIOS on a network are:

• Computer Name. NetBIOS is used to give names to computers in a network. Each computer in the network must have a unique name that is specified by the NetBIOS protocol. This name is used to identify and access computers over a network.
• IP addressing. NetBIOS is used to associate an IP address with a computer name. This allows users to access computer resources by using NetBIOS names rather than having to remember long IP addresses.
• Network Discovery. NetBIOS is also used to perform network discovery. This means that computers can search and find other computers on the network that use the NetBIOS protocol. This network discovery allows computers to know and access shared resources, such as printers or shared folders.
• Communication Services. The NetBIOS protocol also provides communication services between computers in a network. It allows computers to send and receive messages to each other over the network. The service can be used for applications such as file sharing and remote printing.
• Shared Name (NetBIOS Name Service). NetBIOS Name Service is the NetBIOS component responsible for registering and mapping computer names to their corresponding IP addresses. This allows computers in the network to discover each other by using NetBIOS names.
• NetBIOS over TCP/IP (NBT): NetBIOS is usually implemented on top of the TCP/IP protocol, and in this case is known as NetBIOS over TCP/IP (NBT). NBT enables computers running the TCP/IP protocol to use NetBIOS services in a network.

NetBIOS Security Risks

NetBIOS uses broadcast to perform network discovery. This can cause sensitive information, such as computer names or IP addresses, to be broadcast publicly on the network. Attackers can leverage this information to perform network scans or attacks on vulnerable systems.

NetBIOS does not provide a strong authentication mechanism, there is a risk of man-in-the-middle attacks. This attack occurs when an attacker infiltrates the communication between two systems and can steal or manipulate data transmitted between the two.

NetBIOS uses password-based authentication which is vulnerable to brute-force attacks, where attackers can try combinations of various passwords to gain access to a system. In addition, the use of weak or easy-to-guess passwords also increases the risk of such attacks.

NetBIOS has a history of security vulnerabilities that have been exploited by attackers. These vulnerabilities could allow attacks such as unauthorized code execution, service abuse, or system takeover.

In addition to vulnerabilities in the NetBIOS protocol itself, NetBIOS implementations on operating systems and network devices can also have security vulnerabilities that can be exploited by attackers.

How to Disable NetBIOS in Windows 11

Here are the general steps to disable NetBIOS in Windows systems:

1. Open Windows “Run”, and press the keyboard keys (WIN + R) to open it.
2. In the “Run” dialog box, type “ncpa.cpl” and then click the OK or Enter button to open the “Network Connections” settings.
3. Select the network connection for which you want to disable NetBIOS. For example, if you are using an Ethernet connection, right-click on the Ethernet connection icon and select “Properties” from the context menu.
4. In the “Properties” window, find and select “Internet Protocol Version 4 (TCP/IPv4)”.
5. Click the “Properties” button to open the protocol settings window.

6. Then in the newly opened window, click the “Advanced” button.

7. In the “Advanced TCP/IP Settings” window, select the “WINS” tab.
8. Next, select the option “Disable NetBIOS over TCP/IP”.

9. Click OK on all open windows to save changes.

After you disable NetBIOS, your computer no longer uses the NetBIOS protocol to communicate on the network. In addition, make sure that you understand the consequences of disabling NetBIOS and ensure that other settings in your network can function properly without relying on NetBIOS.