NetBIOS - Recommendation to disable within TCP/IP on client PCs
This is a beneficial recommendation
ISC - Is it time to get rid of NetBIOS?
QUOTE: NetBIOS, and its weaknesses that allow extremely easy spoofing have been well known all the way since 2005. I recently discussed NetBIOS with a colleague of mine, Arcel, and this discussion prompted me to see if anything changed with NetBIOS and recent Windows releases. While I was almost certain that the old NetBIOS spoofing attacks do not work any more, I was stunned to see that even the latest and greatest Windows 7 still enable NetBIOS over TCP/IP by default. So what can we do to protect ourselves and our users against this? This is one of those times when auditors that bug you about settings and configuration are really right:
1. Unless you moved everything to Windows Vista or newer, make sure you disable LANMAN hashes. They are insecure and should not be used under any circumstances.
2. Disable NetBIOS over TCP/IP. I don’t think that anything really uses this any more
If you want to learn more about this attack, read the excellent post below and, once you get scared enough, take care of your network and users.