Since it is far easier for an attacker to spoof a broadcast-based name request than it is to impersonate a WINS server, one of the easiest ways to secure against this vulnerability is to turn off NetBIOS broadcast-based name resolution. To do this, simply add a registry value in the following registry key:
In this registry key, create a DWORD value called:
Then, set the NodeType value to
This secures the machine by telling Windows to treat itself as a NetBIOS P-node (point-to-point system). These systems will only resolve NBT-NS queries using WINS – no broadcasts will take place. Success!
For more information on the NodeType registry value, see: https://support.microsoft.com/kb/160177