How to: Disable NetBIOS over TCP/IP

Updated: 5 December 2005

Servers in the perimeter network should have all unnecessary protocols disabled including NetBIOS. Web servers and Domain Name System (DNS) servers do not require NetBIOS. This protocol should be disabled to reduce the threat of user enumeration.

  1. From the Start menu, right-click My Computer, and then click Manage.

  2. Expand System Tools, and then clear the Device Manager check box.

  3. Right-click Device Manager, point to View, and then select Show hidden devices.

  4. Expand Non-Plug and Play Drivers.

  5. Right-click NetBios over TCP/IP, and then click Disable.

    This disables the SMB direct host listener on TCP/445 and UDP 445.

    This procedure disables the netbt.sys driver. The WINS tab of the Advanced TCP/IP Settings dialog box contains a Disable NetBIOS over TCP/IP option. Selecting this option only disables the NetBIOS Session Service (which listens on TCP port 139). It does not disable NetBIOS completely.