Login
    Contents x
    Securing NETBIOS
    • 08 Feb 2023
    • 1 Minute to read
    • Print
    • Dark
      Light
    Contents

    Securing NETBIOS

    • Updated on 08 Feb 2023
    • 1 Minute to read
    • Print
    • Dark
      Light
    Article summary

    Following on from DNS Amplification DDOS attacks, more recently NETBIOS services are being utilised for "Amplification DDOS attacks" to reflect traffic against other networks.
    You can read up on this further at the below URL:
    https://www.shadowserver.org/wiki/pmwiki.php/Services/Open-NetBIOS

    The easiest way to resolve this issue, is by creating a Firewall rule, to block Port 137, for incoming traffic for UDP excluding trusted IP ranges.
    Below are some basic examples when testing, showing before, and after information using the nbtstat command in Windows CMD Prompt.

    Testing - Before

    Testing - After

    Was this article helpful?
    What's Next
    Change password!
    Changing your password will log you out immediately. Use the new password to log back in.
    Change profile
    Success!
    First name must have atleast 2 characters. Numbers and special characters are not allowed.
    Last name must have atleast 1 characters. Numbers and special characters are not allowed.
    Enter a valid email
    Enter a valid password
    Your profile has been successfully updated.
    Logout
    ESC

    Eddy AI, facilitating knowledge discovery through conversational intelligence