January 25, 2018
NetBIOS Making it Super Easy for Hackers – WST
Something from the 1980’s is still hanging around on your network, and ‘bad’ just doesn’t have the same meaning nowadays…
We’re talking about NetBIOS. NetBIOS was originally designed to allow computers to communicate over IBM PC Network LAN technology. As networks evolved, NetBIOS was along for the ride. It was implemented into various network technologies such as Token-Ring, IPX/SPX, and Ethernet. Today, NetBIOS (as NetBIOS over TCP/IP or NBT) still lives on, primarily as a failback for name resolution in case DNS is not functioning. However, it’s not secure, and is in most cases is NOT needed.
Your computer supporting NetBIOS will eagerly supply your user credentials (in hash form) to every local resource it tries to connect to, including an attacker spoofing a trusted resource name on your network. Yes, that’s bad… It hands credentials out like candy and the bad guys love it.
The good news is, it can be disabled! Read the following blog post to learn more. Saying Goodbye to NetBIOS