A friend recently convinced me that it’s time to disable
NetBIOS (and
WINS) based in
part on Microsoft’s recommendation not to deploy
WINS,
serious unpatched WINS
vulnerabilities,
spoofability,
and because it complicates network lookups and masks DNS problems. After
reviewing Ace Fekay’s excellent post Do I need
NetBIOS? to
check for gotchas, I decided to disable NetBIOS over TCP/IP by using DHCP
server options. This is
accomplished by setting the Vendor-Specific Option Code
0x01 to the value
0x00000001 for DHCP clients matching the Microsoft Vendor Class Identifier
(using “MSFT” for
forward-compatibility rather than the entire “MSFT 5.0” identifier). In
dnsmasq this can be
accomplished by adding the following to /etc/dnsmasq.conf:
dhcp-option=vendor:MSFT,1,2i
(For reference, there is more explanation of how dhcp-option vendor options
work in a dnsmasq-discuss
post.)
Once configured, restart dnsmasq then acquire a new DHCP lease (e.g. by
running ipconfig /release && ipconfig /renew) and confirm NetBIOS over
TCP/IP is disabled (e.g. by running ipconfig /all). With any luck you will
be free of NetBIOS.
