NetBIOS Enumeration
NetBIOS stands for network basic
input output system. IBM developed it along with
sytek. The primary intention of NetBIOS was developed as application
programming interfae (API) to enable access to LAN resources by the client's
software.
NetBIOS naming convention start with 16-ASCII character string
used to identify the network devices over TCP/IP. 15 characters are used for
the device name and the 16 characters is reserved for the service or name
record type.
NetBIOS enumeration explained
NetBIOS software runs on PORT 139 on windows operating system file
and printer service needs to be enabled to enumerate NetBIOS over windows
operating system.
An attacker can perform the below on the remote machine.
1) Choose to read or write to a remote machine
depending on the availability of shares.
2) Launch a Denial of
Service (DOS) attack on the remote machine.
3) Enumerate password
policies on the remote machine.
NetBIOS Enumeration Tools
The following tables shows the list of toolls to perform NetBIOS
Enumeration.
Name of the tools and web links.
1) Nbstat
- www.technet.microsoft.com
2) Superscan -
https://www.mcafe.com/in/downloads/free-tools/superscan.aspx
3) Hyena -
http://www.systemtools.com/hyena
4) winfingerprint -
http://packetstormsercurity.com/files/38356/winfingerprint-0.6.2.zip.html
NetBIOS security controls
The following are the security controls to prevent NetBIOS enumeration
attacks.
# Minimize the attack surface by minimizing the
unnecessary service like server message block (SMB).
# Remove file and printer sharing in windows OS.
Disclaimer
All tutorials are for informational and educational purposes only and have been made using our own routers, servers, websites and other vulnerable free resources. we do not contain any illegal activity. We believe that ethical hacking, information security and cyber security should be familiar subjects to anyone using digital information and computers. Hacking Truth is against misuse of the information and we strongly suggest against it. Please regard the word hacking as ethical hacking or penetration testing every time this word is used. We do not promote, encourage, support or excite any illegal activity or hacking.