Netbios and bindiings
in [Wireless]
|
Prev: WAN connection
Next: Wireless problems, again...
From: RB on 9 Mar 2010 22:42 >Leave NetBIOS alone ! >You want to play with unbinding NetBIOS from IP. I've been trying to tell you why you >don't need to ! Ok I sense I misunderstood your meaning when you said > "NO NEED to fuss with NetBIOS over IP for any nodes on the LAN side". I thought you meant I did not "need" Netbios enabled, but rather you meant if I disabled said ports then I did not need to unbind Netbios,....correct ? Which brings me to another point of confusion, ( I understand now that I don't need to worry about the unbinding ) but I don't understand why netbios is not showing up in the bindings window ? I do have it enabled over TCP/IP so shouldn't it be showing up?
From: Andy Medina on 9 Mar 2010 23:31 "RB" <NoMail(a)NoSpam> wrote in message news:e4ffam9vKHA.3564(a)TK2MSFTNGP05.phx.gbl... >> However, you are looking in the wrong place. > Oh why the heck did they stick it up there for, that seems odd to me > given all of those menus are usually explorer generic. > Anyhow thank you ! > I am not so much still sold on trying to use Netbeui (which appears to be > an earlier > version of Netbios) but I still have been unable to get key information > to help me > in my decision. Two things specifically, > 1. The poster Jack (MS, MVP-Networking) wrote > { If you are worried that is a good idea. > Adding NetBEUI as Sharing Protocol in WinXP: > http://www.ezlan.net/netbeui.html > } > I replied to him but he never answered. Did I misunderstand him or is he > saying > he things netbuei is a good thing still ? NetBEUI is an extention of NetBIOS, it is not an earlier version of Netbios. NetBEUI = NetBIOS Extended User Interface From the url above: "NetBEUI has less overhead, so it is very efficient in small networks (less then 10 computers), and it is actually faster then TCP/IP. However on large Networks it produces the opposite effect, and might "bog" down the Network. Networking is dominated by the Professional IT people and they do not like NetBEUI as a result you will always hear negative remarks when NetBEUI is mentioned. Because it is a problem on large Networks, and it is Not Routable, Microsoft is phasing it out. It is included on Windows XP CD ROM, but Microsoft is Not supporting it anymore. However there is nothing to support in NetBEUI when it used in a simple peer to peer small Network. " Network pros don't like it because they usually work with MANY machines on the LAN. And it WILL "bog" down the network because it is a VERY talkative/noisy protocol. The protocol itself is fine for small networks, but the mantra is DON'T install any more network protocols than neccessary [AKA the KISS principle :D ]. If you take the precautions folks on here have been suggesting, there is no need for NetBEUI. It will not be the end of the world if you decide to use NetBEUI. But if you do, then you have to be sure NetBEUI is the ONLY protocol that is bound to File and Printer Sharing and for Client for Microsoft Networks. So you have to manage two protocols for each machine's network adapter, but that's not as hard to do as it sounds. Also, websites that suggest using NetBEUI state there are certain situations where NetBEUI would be a good option, but they do not flatly state to use NetBEUI as a substitute for NetBIOS/TCP in all situations. More on NetBIOS and NetBEUI at http://en.wikipedia.org/wiki/Netbios > 2. Ok say I keep netbios and I disable the ports you guys told me about . > I am concerned that if I disable them it will intefere with apps that > might be > using these ports. I did a search for a way to find out who is using what > and > I got the following results from netsat. I cut out all but the 3 ports > spoke of. > So what is going to happen with these apps if I block these ports ? You will be blocking the ports at the router's firewall not on the machine's firewall. If an app uses those ports through the *router* (IOW [LAN ethernet port <=> WAN ethernet port] and NOT through the built-in *switch* which is [LAN ethernet port <=> LAN ethernet port]) that would be bad and is exactly what you are trying to prevent. The machines on the LAN will still see and use those ports. Think of the router as having two items (a switch and router, a wireless router adds a radio/hub to the mix) that are in one box. The router's firewall primarily affects traffic going through the *router* (that is between a LAN ethernet port to the WAN ethernet port) and usually does not affect traffic going through the *switch* (that is between a LAN ethernet port to another LAN ethernet port). > ---------------------------------------------------- [snip] > ============ALSO=== > Another question when I look in the ADVANCED->bindings that you just > showed > me how to view, I don't see any Netbios listed when I do have it Enabled > in my TCP > properties ? What is up with that ? From http://en.wikipedia.org/wiki/Netbeui (which actually redirects to http://en.wikipedia.org/wiki/Netbios) "As strictly an API, NetBIOS is not a networking protocol." So you will not see it listed there. > And what is up with the MS TCP/IP ver 6 ? I have that in addition to the > Internet TCP/IP ? IPv6 uses 128-bit addresses while IPv4 uses only 32 bits. The address space for IPv4 is pretty much exhausted, so IPv6 will create a much much bigger address space for all the devices needing an IP address. Other enhancements were also made to the protocol. More on IPv6 is at http://en.wikipedia.org/wiki/IPv6 and at http://technet.microsoft.com/en-us/network/bb530961.aspx BTW IPv6 is not MS-centric although MS might have put a twist or two into it's implementation. IPv6 was defined in December 1998 by the Internet Engineering Task Force (IETF) with the publication of an Internet standard specification, RFC 2460 Have we made your head swim yet? :D
From: Andy Medina on 10 Mar 2010 00:05 "RB" <NoMail(a)NoSpam> wrote in message news:u6YrKPAwKHA.5036(a)TK2MSFTNGP02.phx.gbl... > >Leave NetBIOS alone ! >>You want to play with unbinding NetBIOS from IP. I've been trying to tell >>you why you >>don't need to ! > > Ok I sense I misunderstood your meaning when you said > >> "NO NEED to fuss with NetBIOS over IP for any nodes on the LAN side". > > I thought you meant I did not "need" Netbios enabled, but rather you meant > if I disabled > said ports then I did not need to unbind Netbios,....correct ? NetBIOS is not "bound" to anything. It is simply enabled over TCP/IP. That is why you do not see it listed under the bindings dialog box. See below. > Which brings me to another point of confusion, ( I understand now that I > don't need to > worry about the unbinding ) but I don't understand why netbios is not > showing up in > the bindings window ? I do have it enabled over TCP/IP so shouldn't it be > showing up? From http://en.wikipedia.org/wiki/Netbeui (which actually redirects to http://en.wikipedia.org/wiki/Netbios) "As strictly an API, NetBIOS is not a networking protocol." So you will not see it listed there.
From: RB on 10 Mar 2010 00:15 > Have we made your head swim yet? :D Actually no, although there has been a diverse spectrum of opinion replied. I think I have learned enough from everyone (especially you and David ) to be able to intelligently work with the process now. This last reply of yours really elaborated and nailed down a lot of loose ends in my mind. I feel now (given the small size of my Lan) that I could toss the dice and go with either Netbios or Netbeui and have good security results.....but my biggest problem (that has spurred me into all of this ) is the fact that as soon as I tried to move from a ( no logon password user accts using "simple file & print sharing" ) scenario to a more secure password logon user accts I have been unable (to keep an off topic troubleshooting story brief ) to get all of my nodes to see each other. I have tried until I was exhausted with conversing with support groups but I just could not get it to work. So I then started to think of trying Netbeui hoping it might work when I could not get the Netbios over tcp/ip to function. I now am wondering if maybe Windows Home Server might be a solution. What are the security aspects of that ? Believe me I have done all sorts of suggested commands from ipconfig, ping, netstat, and net etc to try and track down why it won't work but finally I just gave up on it. It would appear that MS if more concerned with brushing over security (when they add the "recommended" to the Simple file sharing check box) than they are making password peer to peer lans work under password logons.
From: Andy Medina on 10 Mar 2010 02:10
Getting computers to see each other on the LAN can be a headache. Usually the problem with not being able to see computers in My Network Places is because of Master Browser problems, NetBIOS over TCP disabled, or no firewall exception for File and Printer sharing. Some items you may want to go over: 1) be sure you (re)share the items after you switch from simple file sharing. Even if you had/have them shared while under simple file sharing, go through and share them again. You have to have at least one item shared for the computer to show up. 2) make sure File and Printer sharing is checked as an exception in the firewall of EVERY computer on the LAN. Look in the event logs (can't remember which category, apps or system) and if you see any "could not obtain master browse list from [computer name]" (can't remember the exact wording) then that computer has the exception unchecked. All it takes is one computer with the unchecked exception to mess everything up. It might also have the NetBIOS over TCP disabled. 3) make sure the Computer Browser service is running on ALL computers. You might also try the SMB method (for troubleshooting) if the computer is not showing up. First make sure you can ping the computer in question. Then go to Start/Run and enter "\\[IP address of computer in question]" (without the quotes) and see if the network login screen comes up. I get to shared resources that way even if the computer with the shared resources does not show up in My Network Places. And this is the only way to get to shared resources if the NetBIOS over TCP is disabled since you will not be able to see the computer in My Network Places. "RB" <NoMail(a)NoSpam> wrote in message news:eeOPuCBwKHA.5936(a)TK2MSFTNGP04.phx.gbl... >> Have we made your head swim yet? :D > > Actually no, although there has been a diverse spectrum of opinion > replied. > I think I have learned enough from everyone (especially you and David ) to > be able to intelligently work with the process now. This last reply of > yours > really elaborated and nailed down a lot of loose ends in my mind. I feel > now (given the small size of my Lan) that I could toss the dice and go > with > either Netbios or Netbeui and have good security results.....but > my biggest problem (that has spurred me into all of this ) is the fact > that > as soon as I tried to move from a ( no logon password user accts using > "simple file & print sharing" ) scenario to a more secure password logon > user accts I have been unable (to keep an off topic troubleshooting story > brief ) to get all of my nodes to see each other. I have tried until I was > exhausted > with conversing with support groups but I just could not get it to work. > So I then started to think of trying Netbeui hoping it might work when I > could not get the Netbios over tcp/ip to function. > I now am wondering if maybe Windows Home Server might be a solution. > What are the security aspects of that ? > Believe me I have done all sorts of suggested commands from ipconfig, > ping, > netstat, and net etc to try and track down why it won't work but finally I > just > gave up on it. It would appear that MS if more concerned with brushing > over security (when they add the "recommended" to the Simple file sharing > check box) than they are making password peer to peer lans work under > password logons. > |