Set NetBIOS Node Type (KB160177)

Download

How to Secure Against NetBIOS Name Service (NBT-NS) Poisoning Attacks

Since it is far easier for an attacker to spoof a broadcast-based name request than it is to impersonate a WINS server, one of the easiest ways to secure against this vulnerability is to turn off NetBIOS broadcast-based name resolution. To do this, simply add a registry value in the following registry key:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NetBT\Parameters
In this registry key, create a DWORD value called: NodeType
Then, set the NodeType value to 2

This secures the machine by telling Windows to treat itself as a NetBIOS P-node (point-to-point system). These systems will only resolve NBT-NS queries using WINS – no broadcasts will take place. Success!

For more information on the NodeType registry value, see: https://support.microsoft.com/kb/160177

Administrative Templates (Computers)

Files

  • set-netbios-node-type-kb160177.admx

Binary Fortress Software

Mozilla Firefox and Thunderbird

Zoom Video Communications

ALT Linux

HID Global

Admin By Request

AnyDesk

Classic Shell

ClickView Player

Paper Software

ControlUp Console

D. Brown Management

Ecosia

FrontMotion Firefox Community Edition

GoToMeeting

Goverlan

Smartbox Assistive Technology

HP (Hewlett Packard)

HealthCast Inc.

Blackfish Software

LogMeIn

LyncWizard

MacroView

Mattermost Desktop Application

NetSupport

Net at Work GmbH

One Identity

pdfforge GmbH

Liquidware

RealVNC

Royal Applications Team

SEPPmail AG

Birch Grove Software

LEARNPULSE SAS

Infineon Technologies AG

Stardock

ThinPrint

Ubuntu

Veyon Community

SparkLabs

Vivaldi Technologies

WPKG

Dojo North Software

iTALC - Intelligent Teaching And Learning with Computers

think-cell Sales GmbH

uberAgent