Set NetBIOS Node Type (KB160177)

Download

How to Secure Against NetBIOS Name Service (NBT-NS) Poisoning Attacks

Since it is far easier for an attacker to spoof a broadcast-based name request than it is to impersonate a WINS server, one of the easiest ways to secure against this vulnerability is to turn off NetBIOS broadcast-based name resolution. To do this, simply add a registry value in the following registry key:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NetBT\Parameters
In this registry key, create a DWORD value called: NodeType
Then, set the NodeType value to 2

This secures the machine by telling Windows to treat itself as a NetBIOS P-node (point-to-point system). These systems will only resolve NBT-NS queries using WINS – no broadcasts will take place. Success!

For more information on the NodeType registry value, see: https://support.microsoft.com/kb/160177

Administrative Templates (Computers)

Files

  • set-netbios-node-type-kb160177.admx

Binary Fortress Software

Foxit Software Inc.

Classic Shell

ClickView Player

D. Brown Management

Ecosia

Community

FrontMotion Firefox Community Edition

Goverlan

Smartbox Assistive Technology

HP (Hewlett Packard)

HealthCast Inc.

Blackfish Software

LogMeIn

LyncWizard

Mozilla Firefox and Thunderbird

NetSupport

Net at Work GmbH

One Identity

Tracker Software

Liquidware

RealVNC

Royal Applications Team

Birch Grove Software

LEARNPULSE SAS

Infineon Technologies AG

Stardock

ThinPrint

Veyon Community

SparkLabs

Vivaldi Technologies

WPKG

Yubico

iTALC - Intelligent Teaching And Learning with Computers

think-cell Sales GmbH

uberAgent