Sign in with
Sign up | Sign in
Your question

Netbeui and Lan security

Last response: in Wireless Networking
Share
August 21, 2005 5:19:28 PM

Archived from groups: microsoft.public.windows.networking.wireless (More info?)

I am afraid I am confused about the inner workings of how wireless networks
and internet sharing actually works especially as to Netbeui and "bindings".

At my home I am connected to the internet through a cable modem. Between
this cable modem and my home wireless LAN is a router on which I have
1. changed the default SSID and prevented its broadcasting
2. installed WEP and implemented MAC filtering.
3. I also have Zone Alarm on all the LAN PCs.

However to connect wirelessly to a W98 SE PC on the LAN I needed to install
Netbeui. I've been told that I should not need Netbeui. but it is the only
way I could access the files on the W98 PC, so I have it for now.

A. My concern is that since Netbeui "bypasses" the TCIP configurations and -
I presume the wireless firewall protection (?) - is this home LAN insecure
to neighbors or war-drivers passing by? In other words can the LAN be
accessed by an intruder "behind" the router?

B. Since this W98 PC connects to the internet through the LAN and then the
cable modem is it still protected on the internet despite the open Netbeui?

C. I've read about bindings but remain totally confused. My understanding
is that because Windows unnecessarily binds everything together, this
creates security problems and that I need to unbind some of the default
bindings. However I do not know how to do this in XP Home or W98SE. Any
help?

Thanks.


--

Jeff Williams
Jeff@who_knows.com

More about : netbeui lan security

Anonymous
a b F Wireless
August 21, 2005 5:19:29 PM

Archived from groups: microsoft.public.windows.networking.wireless (More info?)

1) Disabling SSID broadcast offers you no real increase in security
2) Implementing MAC filtering offers you no real increase in security
3) WEP is VERY easily circumvented. Use WPA instead.

With the configuration you currently have, I'd be more worried about people
"breaking" into your wireless network. It doesn't matter if you're running
TCP/IP or NetBeui, neither one will compromise your security, but having WEP
instead of WPA will.

Matt Gibson - GSEC
August 21, 2005 7:56:00 PM

Archived from groups: microsoft.public.windows.networking.wireless (More info?)

Hi

NetBEUI actually add security for both Wireless and Internet connections.

1. Since NetBEUI is Not Routable it can Not "leak" info to the Internet.

2. As far as Wireless connection is concerned NetBEUI additional security is
more of a statiscal factor. Since most people use TCP/IP and do not have
NetBEUI installed, if your security is Bridged they would not be able to
"Read" NetBEUI traffic with TCP/IP.

If the "leecher" does have NetBEUI installed on his/her/s computer the
situation is not better or worse than with TCP/IP.

Wireless security is Not a matter of Black and White; a lot of the
statements that are seen on line are more a matter or "social macho
proverbs" rather than common sense. Beside disabling SSID, which night
deem you Wireless connection "Quirky", any other measure adds more to the
general Equation of Security regardless whether somewhere on the planet
there is some one that can Brake it.

Wireless Security - http://www.ezlan.net/Wireless_Security.html

WEP, WPA, and the Future - http://www.ezlan.net/wpa_wep.html

Wireless Segregation: http://www.ezlan.net/shield.html

Jack (MVP-Networking).





"Matt Gibson" <mattg@blueedgetech.ca> wrote in message
news:efmbj5npFHA.3256@TK2MSFTNGP12.phx.gbl...
> 1) Disabling SSID broadcast offers you no real increase in security
> 2) Implementing MAC filtering offers you no real increase in security
> 3) WEP is VERY easily circumvented. Use WPA instead.
>
> With the configuration you currently have, I'd be more worried about
people
> "breaking" into your wireless network. It doesn't matter if you're
running
> TCP/IP or NetBeui, neither one will compromise your security, but having
WEP
> instead of WPA will.
>
> Matt Gibson - GSEC
>
>
Related resources
August 21, 2005 8:09:11 PM

Archived from groups: microsoft.public.windows.networking.wireless (More info?)

Thank you Jack. This is both helpful and reassuring.

What I have is just a home LAN and I just want to add reasonable security to
it.

> Beside disabling SSID, which night
> deem you Wireless connection "Quirky"

What do you mean by making the Wireless connection "Quirky"? In what way?

Any comments about bindings and the need to unbind any "unnecessary
bindings" for the sake of security, as I've read on some websites?

Concerning WEP/WPA I intend to switch to WPA as soon as I've updated all my
adapter drivers.

Thanks again.

Jeff

"Jack" <jack@msnews.microsoft.com> wrote in message
news:eKKK8mopFHA.320@TK2MSFTNGP09.phx.gbl...
> Hi
>
> NetBEUI actually add security for both Wireless and Internet connections.
>
> 1. Since NetBEUI is Not Routable it can Not "leak" info to the Internet.
>
> 2. As far as Wireless connection is concerned NetBEUI additional security
> is
> more of a statiscal factor. Since most people use TCP/IP and do not have
> NetBEUI installed, if your security is Bridged they would not be able to
> "Read" NetBEUI traffic with TCP/IP.
>
> If the "leecher" does have NetBEUI installed on his/her/s computer the
> situation is not better or worse than with TCP/IP.
>
> Wireless security is Not a matter of Black and White; a lot of the
> statements that are seen on line are more a matter or "social macho
> proverbs" rather than common sense. Beside disabling SSID, which night
> deem you Wireless connection "Quirky", any other measure adds more to the
> general Equation of Security regardless whether somewhere on the planet
> there is some one that can Brake it.
>
> Wireless Security - http://www.ezlan.net/Wireless_Security.html
>
> WEP, WPA, and the Future - http://www.ezlan.net/wpa_wep.html
>
> Wireless Segregation: http://www.ezlan.net/shield.html
>
> Jack (MVP-Networking).
>
>
>
>
>
> "Matt Gibson" <mattg@blueedgetech.ca> wrote in message
> news:efmbj5npFHA.3256@TK2MSFTNGP12.phx.gbl...
>> 1) Disabling SSID broadcast offers you no real increase in security
>> 2) Implementing MAC filtering offers you no real increase in security
>> 3) WEP is VERY easily circumvented. Use WPA instead.
>>
>> With the configuration you currently have, I'd be more worried about
> people
>> "breaking" into your wireless network. It doesn't matter if you're
> running
>> TCP/IP or NetBeui, neither one will compromise your security, but having
> WEP
>> instead of WPA will.
>>
>> Matt Gibson - GSEC
>>
>>
>
>
Anonymous
a b F Wireless
August 22, 2005 3:16:01 AM

Archived from groups: microsoft.public.windows.networking.wireless (More info?)

On Sun, 21 Aug 2005 13:19:28 -0400, Jeff wrote:

> I am afraid I am confused about the inner workings of how wireless networks
> and internet sharing actually works especially as to Netbeui and "bindings".
>
> At my home I am connected to the internet through a cable modem. Between
> this cable modem and my home wireless LAN is a router on which I have
> 1. changed the default SSID and prevented its broadcasting

Let it broadcast; it isn't helping anything to disable broadcast. Do let
the name change stand, though; just in case you have a neighbor with a WLAN
and the same equipment.

> 2. installed WEP and implemented MAC filtering.

If your equipment is capable of WPA with AES, use it. If it is not, plan to
replace it with equipment which is capable of it.

MAC filtering is useful for certain purposes; I use it to ensure that a
connected device always obtains the same IP address. I doubt that it really
adds much to security, though.

> 3. I also have Zone Alarm on all the LAN PCs.

As good as any software personal firewall.

> However to connect wirelessly to a W98 SE PC on the LAN I needed to install
> Netbeui. I've been told that I should not need Netbeui. but it is the only
> way I could access the files on the W98 PC, so I have it for now.
>
> A. My concern is that since Netbeui "bypasses" the TCIP configurations and -
> I presume the wireless firewall protection (?) - is this home LAN insecure
> to neighbors or war-drivers passing by? In other words can the LAN be
> accessed by an intruder "behind" the router?

NetBEUI does not "bypass" TCP/IP, it is an alternative to TCP/IP.

> B. Since this W98 PC connects to the internet through the LAN and then the
> cable modem is it still protected on the internet despite the open Netbeui?

It is "protected" from the Internet by the fact that NetBEUI packets, not
being TCP/IP packets, can't be routed through TCP/IP routers; unless they
are encapsulated inside of TCP/IP packets.

> C. I've read about bindings but remain totally confused. My understanding
> is that because Windows unnecessarily binds everything together, this
> creates security problems and that I need to unbind some of the default
> bindings. However I do not know how to do this in XP Home or W98SE. Any
> help?

Forget about bindings, in the fancy sense of the GRC site. Your network
adapters won't work unless some protocol is bound to them. Because of your
router and firewalls, allowing TCP/IP to be bound to the adpaters is secure
enough.

Then there are the protocol bindings. I do unbind stuff from the TCP/IP >
Dial-Up modem protocol; but that is the only place where I do that. All
other adapters and protocols have TCP/IP bound. With the router in place,
assuming it also filters unsolicited inbound packets, your LAN will be
sufficiently secure.

--
Norman
~Win dain a lotica, En vai tu ri, Si lo ta
~Fin dein a loluca, En dragu a sei lain
~Vi fa-ru les shutai am, En riga-lint
August 22, 2005 11:13:32 AM

Archived from groups: microsoft.public.windows.networking.wireless (More info?)

"N. Miller" <anonymous@discussions.microsoft.com> wrote in message
news:1u6wb1ie3idbb$.dlg@discussions.microsoft.com...
> On Sun, 21 Aug 2005 13:19:28 -0400, Jeff wrote:
>
>> I am afraid I am confused about the inner workings of how wireless
>> networks
>> and internet sharing actually works especially as to Netbeui and
>> "bindings".
>>
>> At my home I am connected to the internet through a cable modem. Between
>> this cable modem and my home wireless LAN is a router on which I have
>> 1. changed the default SSID and prevented its broadcasting
>
> Let it broadcast; it isn't helping anything to disable broadcast. Do let
> the name change stand, though; just in case you have a neighbor with a
> WLAN
> and the same equipment.
>
>> 2. installed WEP and implemented MAC filtering.
>
> If your equipment is capable of WPA with AES, use it. If it is not, plan
> to
> replace it with equipment which is capable of it.
>
> MAC filtering is useful for certain purposes; I use it to ensure that a
> connected device always obtains the same IP address. I doubt that it
> really
> adds much to security, though.
>
>> 3. I also have Zone Alarm on all the LAN PCs.
>
> As good as any software personal firewall.
>
>> However to connect wirelessly to a W98 SE PC on the LAN I needed to
>> install
>> Netbeui. I've been told that I should not need Netbeui. but it is the
>> only
>> way I could access the files on the W98 PC, so I have it for now.
>>
>> A. My concern is that since Netbeui "bypasses" the TCIP configurations
>> and -
>> I presume the wireless firewall protection (?) - is this home LAN
>> insecure
>> to neighbors or war-drivers passing by? In other words can the LAN be
>> accessed by an intruder "behind" the router?
>
> NetBEUI does not "bypass" TCP/IP, it is an alternative to TCP/IP.
>
>> B. Since this W98 PC connects to the internet through the LAN and then
>> the
>> cable modem is it still protected on the internet despite the open
>> Netbeui?
>
> It is "protected" from the Internet by the fact that NetBEUI packets, not
> being TCP/IP packets, can't be routed through TCP/IP routers; unless they
> are encapsulated inside of TCP/IP packets.
>
>> C. I've read about bindings but remain totally confused. My
>> understanding
>> is that because Windows unnecessarily binds everything together, this
>> creates security problems and that I need to unbind some of the default
>> bindings. However I do not know how to do this in XP Home or W98SE. Any
>> help?
>
> Forget about bindings, in the fancy sense of the GRC site. Your network
> adapters won't work unless some protocol is bound to them. Because of your
> router and firewalls, allowing TCP/IP to be bound to the adpaters is
> secure
> enough.
>
> Then there are the protocol bindings. I do unbind stuff from the TCP/IP >
> Dial-Up modem protocol; but that is the only place where I do that. All
> other adapters and protocols have TCP/IP bound. With the router in place,
> assuming it also filters unsolicited inbound packets, your LAN will be
> sufficiently secure.
>
> --
> Norman

Thank you very much Norman. Very clear and very helpful. I just finished
switching from WEP to WPA with AES. So it looks like I should be reasonably
OK.

Thank you.

Jeff
August 25, 2005 12:54:31 PM

Archived from groups: microsoft.public.windows.networking.wireless (More info?)

On Mon, 22 Aug 2005 17:05:25 -0400, "Jack" <jack@msnews.microsoft.com>
wrote:

>Hi
>This page would clarify the Binding issue: http://www.ezlan.net/netbeui.html
>Jack (MVP-Networking).

That was useful, thanks. But could you offer some thoughts of the
security involving netbios over TCP/IP?
!