In our local domain environment, we use Sophos UTM to protect our network. When I check the firewall logs, I can see that a huge number of packets dropped by the firewall are netbios-ns (UDP 137)
2012-04-02 18:17:46 Primary Allow 10.0.0.78 2.95.54.83 netbios-ns/udp 137 137 1-Data LAN 0-External Allowed 78 127 (Outgoing-00) The Nbstat command is a great command to use when you need to display the NetBIOS over TCP/IP protocol statistics. The Nbstat command can also be used to display NetBIOS name tables for both local and remote computers. NetBIOS is an inneficient protocol. It is very chatty with lots of broadcasts. When used with its defaults settings, it can be used by the bad guys to gather information about your network and users. This is done through null sessions. netbios-ns. NetBIOS is a protocol used for File and Print Sharing under all current versions of Windows. While this in itself is not a problem, the way that the protocol is implemented can be. NetBios services: NETBIOS Name Service (TCP/UDP: 137) NETBIOS Datagram Service (TCP/UDP: 138) NETBIOS Session Service (TCP/UDP: 139) By default, when File and Print Sharing is enabled it binds to everything, including TCP/IP (The Internet Protocol), rather than just the local network, meaning your
Apr 18, 2010 · Any idea why PrivateFirewall prevents incoming and outgoing connections from/to Netbios-dgm and Netbios-ns. From what I have read these are a netbios datagram and netbios name service respectively and are not dangerous. These are UDP(17) packets. Any clarification would be appreciated.
Apr 19, 2018 · This step-by-step article describes how to configure a computer running Windows Server 2003 with TCP/IP networking while NetBIOS is turned off. Sep 26, 2019 · NetBIOS is an acronym for Network Basic Input/Output System. It provides services related to the session layer of the OSI model allowing applications on separate computers to communicate over a loc
Mitre Corporation
Sep 07, 2017 · NetBIOS (Network Basic Input/Output System) NetBIOS is a service which allows communication between applications such as a printer or other computer in Ethernet or token ring network via NetBIOS name. NetBIOS name is 16 digits long character assign to a computer in the workgroup by WINS for name resolution of an IP address into NETBIOS name.