A friend recently convinced me that it’s time to disable NetBIOS (and WINS) based in part on Microsoft’s recommendation not to deploy WINS, serious unpatched WINS vulnerabilities, spoofability, and because it complicates network lookups and masks DNS problems. After reviewing Ace Fekay’s excellent post Do I need NetBIOS? to check for gotchas, I decided to disable NetBIOS over TCP/IP by using DHCP server options. This is accomplished by setting the Vendor-Specific Option Code 0x01 to the value 0x00000001 for DHCP clients matching the Microsoft Vendor Class Identifier (using “MSFT” for forward-compatibility rather than the entire “MSFT 5.0” identifier). In dnsmasq this can be accomplished by adding the following to /etc/dnsmasq.conf:


(For reference, there is more explanation of how dhcp-option vendor options work in a dnsmasq-discuss post.) Once configured, restart dnsmasq then acquire a new DHCP lease (e.g. by running ipconfig /release && ipconfig /renew) and confirm NetBIOS over TCP/IP is disabled (e.g. by running ipconfig /all). With any luck you will be free of NetBIOS.