NBT vs SMB - security

  • Thread starter Thread starter Gary
  • Start date Start date
G

Gary

Microsoft advise that NBT (NetBIOS over TCP) and SMB (445)
should be disabled on machines that are in less protected
networks. I have a network which has a firewall permiting
only web access to a web server behind it. I would like to
also disable NBT and SMB on this machine to limit attack
vectors. However the web server needs to be able to access
a file share on another adjacent machine so this will not
be possible? If I were to disable one of these transports
over the other which one is more secure?
 
Since you don't need it on your web server, uninstall file and print sharing and
disable netbios over tcp/ip. You can still access the share on the other computer but
will not be able to browse for it in Network Places, however you can map a drive or
create a shortcut to it using unc as in \\servername\share or even by local IP
address as on \\xxx.xxx.xxx.xxx\sharename as long as Client for Microsoft Networks is
enabled. Just in case you have not read about the IIS Lockdown tool, you will want
to run that on your server also ONLY after a full backup including the System State
and backing up IIS configuration via the IIS Management Console. --- Steve

http://www.microsoft.com/technet/security/tools/locktool.mspx
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Does XP use NBT (NetBIOS over TCP/IP)? 1
SMB or NBT issues on VPN 5
Security Configuration. 4
need help with SMB over SSH 1
Lots of SMB traffic 3
SMB null session 1
NetBIOS over TCP/IP 1
1219 WinLogon error 1

Back
Top