Archived from groups: microsoft.public.win2000.dns (
More info?)
When I disable NetBios over Tcpip in the WINS tab of the
Advanced TCP/IP Settings, Primary Wins server and
Secondary Wins server are listed in Ipconfig /all output,
but when I disable NetBios over Tcpip in the Device
Manager, Wins servers are not listed in Ipconfig /all
output and no local DNS server. See below link:
http://www.microsoft.com/technet/Security/prodtech/win2000/
secwin2k/a0604.mspx
DC Ipconfig output:
Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix ...sell.com
Description . . . . . . . . : 3Com 3C90x Ethernet
Adapter
Physical Address. . . . . . : 00-60-08-3E-46-07
DHCP Enabled. . . . . . . . : No
IP Address. . . . . . . . . : 10.15.20.24
Subnet Mask . . . . . . . . : 255.255.254.0
Default Gateway . . . . . . : 10.15.20.1
Default Gateway . . . . . . : 10.1.2.15
NetBIOS over Tcpip . . . . : Disabled
Thanks.
>-----Original Message-----
>In news:2499201c45fba$f3e3e0d0$a301280a@phx.gbl,
>anonymous@discussions.microsoft.com
<anonymous@discussions.microsoft.com>
>posted a question
>Then Kevin replied below:
>> According to our company security team, SMB Ports and
>> Netbios ports needs to be blocked as most of hacker
>> attached are performed as open ports such as these.
>>
>> Even after disabling Netbios port, all workstation are
>> able to connect to this server, which is Active
directory,
>> domain controller, but another server on our network
lost
>> connection to this server.
>
>Check the server that lost connection for the proper DNS
Suffix search list
>and DNS server.
>I'm proponent of disabling NetBIOS as well, as much for
internal security as
>external security. IMO, Network browsers are as much a
security risk as any.
>It still won't stop a determined user but if they can't
browse Network
>Places it sure slows the ocaisional "I wonder what's in
here" browser.
>
>You might even find the problem with the server by
running netdiag on it to
>see what is comes up with.
>If youwant me to take a closer look at that particular
server piost an
>ipconfig /all from it and the DC.
>
>--
>Best regards,
>Kevin D4 Dad Goodknecht Sr. [MVP]
>Hope This Helps
>============================
>--
>When responding to posts, please "Reply to Group" via
your
>newsreader so that others may learn and benefit from your
issue.
>To respond directly to me remove the nospam. from my
email.
>==========================================
> http://www.lonestaramerica.com/
>==========================================
>Use Outlook Express?... Get OE_Quotefix:
>It will strip signature out and more
> http://home.in.tum.de/~jain/software/oe-quotefix/
>==========================================
>Keep a back up of your OE settings and folders with
>OEBackup:
>
http://www.oehelp.com/OEBackup/Default.aspx
>==========================================
>
>
>.
>