How to: Disable NetBIOS over TCP/IP

  • Article

Servers in the perimeter network should have all unnecessary protocols disabled including NetBIOS. Web servers and Domain Name System (DNS) servers do not require NetBIOS. This protocol should be disabled to reduce the threat of user enumeration.

To disable NetBIOS over TCP/IP

  1. From the Start menu, right-click My Computer, and then click Manage.

  2. Expand System Tools, and then clear the Device Manager check box.

  3. Right-click Device Manager, point to View, and then select Show hidden devices.

  4. Expand Non-Plug and Play Drivers.

  5. Right-click NetBios over TCP/IP, and then click Disable.

    This disables the SMB direct host listener on TCP/445 and UDP 445.

    Note

    This procedure disables the netbt.sys driver. The WINS tab of the Advanced TCP/IP Settings dialog box contains a Disable NetBIOS over TCP/IP option. Selecting this option only disables the NetBIOS Session Service (which listens on TCP port 139). It does not disable NetBIOS completely.

See Also

Tasks

How to: Disable Server Message Block

Concepts

Security Considerations for a SQL Server Installation

Other Resources

SQL Server 2005 Preparation How-to Topics

Help and Information

Getting SQL Server 2005 Assistance