Netbeui and Lan security

I am afraid I am confused about the inner workings of how wireless networks
and internet sharing actually works especially as to Netbeui and "bindings".

At my home I am connected to the internet through a cable modem. Between
this cable modem and my home wireless LAN is a router on which I have
1. changed the default SSID and prevented its broadcasting
2. installed WEP and implemented MAC filtering.
3. I also have Zone Alarm on all the LAN PCs.

However to connect wirelessly to a W98 SE PC on the LAN I needed to install
Netbeui. I've been told that I should not need Netbeui. but it is the only
way I could access the files on the W98 PC, so I have it for now.

A. My concern is that since Netbeui "bypasses" the TCIP configurations and -
I presume the wireless firewall protection (?) - is this home LAN insecure
to neighbors or war-drivers passing by? In other words can the LAN be
accessed by an intruder "behind" the router?

B. Since this W98 PC connects to the internet through the LAN and then the
cable modem is it still protected on the internet despite the open Netbeui?

C. I've read about bindings but remain totally confused. My understanding
is that because Windows unnecessarily binds everything together, this
creates security problems and that I need to unbind some of the default
bindings. However I do not know how to do this in XP Home or W98SE. Any
help?

Thanks.


--

Jeff Williams
Jeff@who_knows.com

1) Disabling SSID broadcast offers you no real increase in security
2) Implementing MAC filtering offers you no real increase in security
3) WEP is VERY easily circumvented. Use WPA instead.

With the configuration you currently have, I'd be more worried about people
"breaking" into your wireless network. It doesn't matter if you're running
TCP/IP or NetBeui, neither one will compromise your security, but having WEP
instead of WPA will.

Matt Gibson - GSEC

Hi

NetBEUI actually add security for both Wireless and Internet connections.

1. Since NetBEUI is Not Routable it can Not "leak" info to the Internet.

2. As far as Wireless connection is concerned NetBEUI additional security is
more of a statiscal factor. Since most people use TCP/IP and do not have
NetBEUI installed, if your security is Bridged they would not be able to
"Read" NetBEUI traffic with TCP/IP.

If the "leecher" does have NetBEUI installed on his/her/s computer the
situation is not better or worse than with TCP/IP.

Wireless security is Not a matter of Black and White; a lot of the
statements that are seen on line are more a matter or "social macho
proverbs" rather than common sense. Beside disabling SSID, which night
deem you Wireless connection "Quirky", any other measure adds more to the
general Equation of Security regardless whether somewhere on the planet
there is some one that can Brake it.

Wireless Security - http://www.ezlan.net/Wireless_Security.html

WEP, WPA, and the Future - http://www.ezlan.net/wpa_wep.html

Wireless Segregation: http://www.ezlan.net/shield.html

Jack (MVP-Networking).





"Matt Gibson" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> 1) Disabling SSID broadcast offers you no real increase in security
> 2) Implementing MAC filtering offers you no real increase in security
> 3) WEP is VERY easily circumvented. Use WPA instead.
>
> With the configuration you currently have, I'd be more worried about
people
> "breaking" into your wireless network. It doesn't matter if you're
running
> TCP/IP or NetBeui, neither one will compromise your security, but having
WEP
> instead of WPA will.
>
> Matt Gibson - GSEC
>
>

Thank you Jack. This is both helpful and reassuring.

What I have is just a home LAN and I just want to add reasonable security to
it.

> Beside disabling SSID, which night
> deem you Wireless connection "Quirky"

What do you mean by making the Wireless connection "Quirky"? In what way?

Any comments about bindings and the need to unbind any "unnecessary
bindings" for the sake of security, as I've read on some websites?

Concerning WEP/WPA I intend to switch to WPA as soon as I've updated all my
adapter drivers.

Thanks again.

Jeff

"Jack" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> Hi
>
> NetBEUI actually add security for both Wireless and Internet connections.
>
> 1. Since NetBEUI is Not Routable it can Not "leak" info to the Internet.
>
> 2. As far as Wireless connection is concerned NetBEUI additional security
> is
> more of a statiscal factor. Since most people use TCP/IP and do not have
> NetBEUI installed, if your security is Bridged they would not be able to
> "Read" NetBEUI traffic with TCP/IP.
>
> If the "leecher" does have NetBEUI installed on his/her/s computer the
> situation is not better or worse than with TCP/IP.
>
> Wireless security is Not a matter of Black and White; a lot of the
> statements that are seen on line are more a matter or "social macho
> proverbs" rather than common sense. Beside disabling SSID, which night
> deem you Wireless connection "Quirky", any other measure adds more to the
> general Equation of Security regardless whether somewhere on the planet
> there is some one that can Brake it.
>
> Wireless Security - http://www.ezlan.net/Wireless_Security.html
>
> WEP, WPA, and the Future - http://www.ezlan.net/wpa_wep.html
>
> Wireless Segregation: http://www.ezlan.net/shield.html
>
> Jack (MVP-Networking).
>
>
>
>
>
> "Matt Gibson" <(E-Mail Removed)> wrote in message
> news:(E-Mail Removed)...
>> 1) Disabling SSID broadcast offers you no real increase in security
>> 2) Implementing MAC filtering offers you no real increase in security
>> 3) WEP is VERY easily circumvented. Use WPA instead.
>>
>> With the configuration you currently have, I'd be more worried about
> people
>> "breaking" into your wireless network. It doesn't matter if you're
> running
>> TCP/IP or NetBeui, neither one will compromise your security, but having
> WEP
>> instead of WPA will.
>>
>> Matt Gibson - GSEC
>>
>>
>
>

Disabling SSID is not really helpful, and does not help WZC connect, you
might want to read this;
http://www.broadbandreports.com/faq/...Security#10907 It's much more
of an urban legend than anything.

--
David {MVP}
Microsoft Mobile Devices
Mobile AntiVirus Researchers Association

Please post *ALL* questions and replies to the news group for the mutual
benefit of all of us...
The MS-MVP Program - http://mvp.support.microsoft.com
The MARA Program - http://www.mobileav.org/index.html

This posting is provided "AS IS" with no warranties, and confers no
rights...


Spelling and grammar errors left in for those that need a little joy in
their life by correcting me.

"Jeff" <(E-Mail Removed)> wrote in message
news:%(E-Mail Removed)...
> Thank you Jack. This is both helpful and reassuring.
>
> What I have is just a home LAN and I just want to add reasonable security
> to it.
>
>> Beside disabling SSID, which night
>> deem you Wireless connection "Quirky"
>
> What do you mean by making the Wireless connection "Quirky"? In what way?
>
> Any comments about bindings and the need to unbind any "unnecessary
> bindings" for the sake of security, as I've read on some websites?
>
> Concerning WEP/WPA I intend to switch to WPA as soon as I've updated all
> my adapter drivers.
>
> Thanks again.
>
> Jeff
>
> "Jack" <(E-Mail Removed)> wrote in message
> news:(E-Mail Removed)...
>> Hi
>>
>> NetBEUI actually add security for both Wireless and Internet connections.
>>
>> 1. Since NetBEUI is Not Routable it can Not "leak" info to the Internet.
>>
>> 2. As far as Wireless connection is concerned NetBEUI additional security
>> is
>> more of a statiscal factor. Since most people use TCP/IP and do not
>> have
>> NetBEUI installed, if your security is Bridged they would not be able to
>> "Read" NetBEUI traffic with TCP/IP.
>>
>> If the "leecher" does have NetBEUI installed on his/her/s computer the
>> situation is not better or worse than with TCP/IP.
>>
>> Wireless security is Not a matter of Black and White; a lot of the
>> statements that are seen on line are more a matter or "social macho
>> proverbs" rather than common sense. Beside disabling SSID, which night
>> deem you Wireless connection "Quirky", any other measure adds more to the
>> general Equation of Security regardless whether somewhere on the planet
>> there is some one that can Brake it.
>>
>> Wireless Security - http://www.ezlan.net/Wireless_Security.html
>>
>> WEP, WPA, and the Future - http://www.ezlan.net/wpa_wep.html
>>
>> Wireless Segregation: http://www.ezlan.net/shield.html
>>
>> Jack (MVP-Networking).
>>
>>
>>
>>
>>
>> "Matt Gibson" <(E-Mail Removed)> wrote in message
>> news:(E-Mail Removed)...
>>> 1) Disabling SSID broadcast offers you no real increase in security
>>> 2) Implementing MAC filtering offers you no real increase in security
>>> 3) WEP is VERY easily circumvented. Use WPA instead.
>>>
>>> With the configuration you currently have, I'd be more worried about
>> people
>>> "breaking" into your wireless network. It doesn't matter if you're
>> running
>>> TCP/IP or NetBeui, neither one will compromise your security, but having
>> WEP
>>> instead of WPA will.
>>>
>>> Matt Gibson - GSEC
>>>
>>>
>>
>>
>
>

Thanks. Good to know.

Jeff

"David {MVP}" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> Disabling SSID is not really helpful, and does not help WZC connect, you
> might want to read this;
> http://www.broadbandreports.com/faq/...Security#10907 It's much
> more of an urban legend than anything.
>
> --
> David {MVP}
> Microsoft Mobile Devices
> Mobile AntiVirus Researchers Association
>
> Please post *ALL* questions and replies to the news group for the mutual
> benefit of all of us...
> The MS-MVP Program - http://mvp.support.microsoft.com
> The MARA Program - http://www.mobileav.org/index.html
>
> This posting is provided "AS IS" with no warranties, and confers no
> rights...
>
>
> Spelling and grammar errors left in for those that need a little joy in
> their life by correcting me.
>
> "Jeff" <(E-Mail Removed)> wrote in message
> news:%(E-Mail Removed)...
>> Thank you Jack. This is both helpful and reassuring.
>>
>> What I have is just a home LAN and I just want to add reasonable security
>> to it.
>>
>>> Beside disabling SSID, which night
>>> deem you Wireless connection "Quirky"
>>
>> What do you mean by making the Wireless connection "Quirky"? In what
>> way?
>>
>> Any comments about bindings and the need to unbind any "unnecessary
>> bindings" for the sake of security, as I've read on some websites?
>>
>> Concerning WEP/WPA I intend to switch to WPA as soon as I've updated all
>> my adapter drivers.
>>
>> Thanks again.
>>
>> Jeff
>>
>> "Jack" <(E-Mail Removed)> wrote in message
>> news:(E-Mail Removed)...
>>> Hi
>>>
>>> NetBEUI actually add security for both Wireless and Internet
>>> connections.
>>>
>>> 1. Since NetBEUI is Not Routable it can Not "leak" info to the Internet.
>>>
>>> 2. As far as Wireless connection is concerned NetBEUI additional
>>> security is
>>> more of a statiscal factor. Since most people use TCP/IP and do not
>>> have
>>> NetBEUI installed, if your security is Bridged they would not be able to
>>> "Read" NetBEUI traffic with TCP/IP.
>>>
>>> If the "leecher" does have NetBEUI installed on his/her/s computer the
>>> situation is not better or worse than with TCP/IP.
>>>
>>> Wireless security is Not a matter of Black and White; a lot of the
>>> statements that are seen on line are more a matter or "social macho
>>> proverbs" rather than common sense. Beside disabling SSID, which night
>>> deem you Wireless connection "Quirky", any other measure adds more to
>>> the
>>> general Equation of Security regardless whether somewhere on the planet
>>> there is some one that can Brake it.
>>>
>>> Wireless Security - http://www.ezlan.net/Wireless_Security.html
>>>
>>> WEP, WPA, and the Future - http://www.ezlan.net/wpa_wep.html
>>>
>>> Wireless Segregation: http://www.ezlan.net/shield.html
>>>
>>> Jack (MVP-Networking).
>>>
>>>
>>>
>>>
>>>
>>> "Matt Gibson" <(E-Mail Removed)> wrote in message
>>> news:(E-Mail Removed)...
>>>> 1) Disabling SSID broadcast offers you no real increase in security
>>>> 2) Implementing MAC filtering offers you no real increase in security
>>>> 3) WEP is VERY easily circumvented. Use WPA instead.
>>>>
>>>> With the configuration you currently have, I'd be more worried about
>>> people
>>>> "breaking" into your wireless network. It doesn't matter if you're
>>> running
>>>> TCP/IP or NetBeui, neither one will compromise your security, but
>>>> having
>>> WEP
>>>> instead of WPA will.
>>>>
>>>> Matt Gibson - GSEC
>>>>
>>>>
>>>
>>>
>>
>>
>
>

On Sun, 21 Aug 2005 13:19:28 -0400, Jeff wrote:

> I am afraid I am confused about the inner workings of how wireless networks
> and internet sharing actually works especially as to Netbeui and "bindings".
>
> At my home I am connected to the internet through a cable modem. Between
> this cable modem and my home wireless LAN is a router on which I have
> 1. changed the default SSID and prevented its broadcasting

Let it broadcast; it isn't helping anything to disable broadcast. Do let
the name change stand, though; just in case you have a neighbor with a WLAN
and the same equipment.

> 2. installed WEP and implemented MAC filtering.

If your equipment is capable of WPA with AES, use it. If it is not, plan to
replace it with equipment which is capable of it.

MAC filtering is useful for certain purposes; I use it to ensure that a
connected device always obtains the same IP address. I doubt that it really
adds much to security, though.

> 3. I also have Zone Alarm on all the LAN PCs.

As good as any software personal firewall.

> However to connect wirelessly to a W98 SE PC on the LAN I needed to install
> Netbeui. I've been told that I should not need Netbeui. but it is the only
> way I could access the files on the W98 PC, so I have it for now.
>
> A. My concern is that since Netbeui "bypasses" the TCIP configurations and -
> I presume the wireless firewall protection (?) - is this home LAN insecure
> to neighbors or war-drivers passing by? In other words can the LAN be
> accessed by an intruder "behind" the router?

NetBEUI does not "bypass" TCP/IP, it is an alternative to TCP/IP.

> B. Since this W98 PC connects to the internet through the LAN and then the
> cable modem is it still protected on the internet despite the open Netbeui?

It is "protected" from the Internet by the fact that NetBEUI packets, not
being TCP/IP packets, can't be routed through TCP/IP routers; unless they
are encapsulated inside of TCP/IP packets.

> C. I've read about bindings but remain totally confused. My understanding
> is that because Windows unnecessarily binds everything together, this
> creates security problems and that I need to unbind some of the default
> bindings. However I do not know how to do this in XP Home or W98SE. Any
> help?

Forget about bindings, in the fancy sense of the GRC site. Your network
adapters won't work unless some protocol is bound to them. Because of your
router and firewalls, allowing TCP/IP to be bound to the adpaters is secure
enough.

Then there are the protocol bindings. I do unbind stuff from the TCP/IP >
Dial-Up modem protocol; but that is the only place where I do that. All
other adapters and protocols have TCP/IP bound. With the router in place,
assuming it also filters unsolicited inbound packets, your LAN will be
sufficiently secure.

--
Norman
~Win dain a lotica, En vai tu ri, Si lo ta
~Fin dein a loluca, En dragu a sei lain
~Vi fa-ru les shutai am, En riga-lint

"N. Miller" <(E-Mail Removed)> wrote in message
news:1u6wb1ie3idbb$.(E-Mail Removed). ..
> On Sun, 21 Aug 2005 13:19:28 -0400, Jeff wrote:
>
>> I am afraid I am confused about the inner workings of how wireless
>> networks
>> and internet sharing actually works especially as to Netbeui and
>> "bindings".
>>
>> At my home I am connected to the internet through a cable modem. Between
>> this cable modem and my home wireless LAN is a router on which I have
>> 1. changed the default SSID and prevented its broadcasting
>
> Let it broadcast; it isn't helping anything to disable broadcast. Do let
> the name change stand, though; just in case you have a neighbor with a
> WLAN
> and the same equipment.
>
>> 2. installed WEP and implemented MAC filtering.
>
> If your equipment is capable of WPA with AES, use it. If it is not, plan
> to
> replace it with equipment which is capable of it.
>
> MAC filtering is useful for certain purposes; I use it to ensure that a
> connected device always obtains the same IP address. I doubt that it
> really
> adds much to security, though.
>
>> 3. I also have Zone Alarm on all the LAN PCs.
>
> As good as any software personal firewall.
>
>> However to connect wirelessly to a W98 SE PC on the LAN I needed to
>> install
>> Netbeui. I've been told that I should not need Netbeui. but it is the
>> only
>> way I could access the files on the W98 PC, so I have it for now.
>>
>> A. My concern is that since Netbeui "bypasses" the TCIP configurations
>> and -
>> I presume the wireless firewall protection (?) - is this home LAN
>> insecure
>> to neighbors or war-drivers passing by? In other words can the LAN be
>> accessed by an intruder "behind" the router?
>
> NetBEUI does not "bypass" TCP/IP, it is an alternative to TCP/IP.
>
>> B. Since this W98 PC connects to the internet through the LAN and then
>> the
>> cable modem is it still protected on the internet despite the open
>> Netbeui?
>
> It is "protected" from the Internet by the fact that NetBEUI packets, not
> being TCP/IP packets, can't be routed through TCP/IP routers; unless they
> are encapsulated inside of TCP/IP packets.
>
>> C. I've read about bindings but remain totally confused. My
>> understanding
>> is that because Windows unnecessarily binds everything together, this
>> creates security problems and that I need to unbind some of the default
>> bindings. However I do not know how to do this in XP Home or W98SE. Any
>> help?
>
> Forget about bindings, in the fancy sense of the GRC site. Your network
> adapters won't work unless some protocol is bound to them. Because of your
> router and firewalls, allowing TCP/IP to be bound to the adpaters is
> secure
> enough.
>
> Then there are the protocol bindings. I do unbind stuff from the TCP/IP >
> Dial-Up modem protocol; but that is the only place where I do that. All
> other adapters and protocols have TCP/IP bound. With the router in place,
> assuming it also filters unsolicited inbound packets, your LAN will be
> sufficiently secure.
>
> --
> Norman

Thank you very much Norman. Very clear and very helpful. I just finished
switching from WEP to WPA with AES. So it looks like I should be reasonably
OK.

Thank you.

Jeff

Hi
This page would clarify the Binding issue: http://www.ezlan.net/netbeui.html
Jack (MVP-Networking).


"Jeff" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> Thanks. Good to know.
>
> Jeff
>
> "David {MVP}" <(E-Mail Removed)> wrote in message
> news:(E-Mail Removed)...
> > Disabling SSID is not really helpful, and does not help WZC connect, you
> > might want to read this;
> > http://www.broadbandreports.com/faq/...Security#10907 It's much
> > more of an urban legend than anything.
> >
> > --
> > David {MVP}
> > Microsoft Mobile Devices
> > Mobile AntiVirus Researchers Association
> >
> > Please post *ALL* questions and replies to the news group for the mutual
> > benefit of all of us...
> > The MS-MVP Program - http://mvp.support.microsoft.com
> > The MARA Program - http://www.mobileav.org/index.html
> >
> > This posting is provided "AS IS" with no warranties, and confers no
> > rights...
> >
> >
> > Spelling and grammar errors left in for those that need a little joy in
> > their life by correcting me.
> >
> > "Jeff" <(E-Mail Removed)> wrote in message
> > news:%(E-Mail Removed)...
> >> Thank you Jack. This is both helpful and reassuring.
> >>
> >> What I have is just a home LAN and I just want to add reasonable
security
> >> to it.
> >>
> >>> Beside disabling SSID, which night
> >>> deem you Wireless connection "Quirky"
> >>
> >> What do you mean by making the Wireless connection "Quirky"? In what
> >> way?
> >>
> >> Any comments about bindings and the need to unbind any "unnecessary
> >> bindings" for the sake of security, as I've read on some websites?
> >>
> >> Concerning WEP/WPA I intend to switch to WPA as soon as I've updated
all
> >> my adapter drivers.
> >>
> >> Thanks again.
> >>
> >> Jeff
> >>
> >> "Jack" <(E-Mail Removed)> wrote in message
> >> news:(E-Mail Removed)...
> >>> Hi
> >>>
> >>> NetBEUI actually add security for both Wireless and Internet
> >>> connections.
> >>>
> >>> 1. Since NetBEUI is Not Routable it can Not "leak" info to the
Internet.
> >>>
> >>> 2. As far as Wireless connection is concerned NetBEUI additional
> >>> security is
> >>> more of a statiscal factor. Since most people use TCP/IP and do not
> >>> have
> >>> NetBEUI installed, if your security is Bridged they would not be able
to
> >>> "Read" NetBEUI traffic with TCP/IP.
> >>>
> >>> If the "leecher" does have NetBEUI installed on his/her/s computer the
> >>> situation is not better or worse than with TCP/IP.
> >>>
> >>> Wireless security is Not a matter of Black and White; a lot of the
> >>> statements that are seen on line are more a matter or "social macho
> >>> proverbs" rather than common sense. Beside disabling SSID, which
night
> >>> deem you Wireless connection "Quirky", any other measure adds more to
> >>> the
> >>> general Equation of Security regardless whether somewhere on the
planet
> >>> there is some one that can Brake it.
> >>>
> >>> Wireless Security - http://www.ezlan.net/Wireless_Security.html
> >>>
> >>> WEP, WPA, and the Future - http://www.ezlan.net/wpa_wep.html
> >>>
> >>> Wireless Segregation: http://www.ezlan.net/shield.html
> >>>
> >>> Jack (MVP-Networking).
> >>>
> >>>
> >>>
> >>>
> >>>
> >>> "Matt Gibson" <(E-Mail Removed)> wrote in message
> >>> news:(E-Mail Removed)...
> >>>> 1) Disabling SSID broadcast offers you no real increase in security
> >>>> 2) Implementing MAC filtering offers you no real increase in security
> >>>> 3) WEP is VERY easily circumvented. Use WPA instead.
> >>>>
> >>>> With the configuration you currently have, I'd be more worried about
> >>> people
> >>>> "breaking" into your wireless network. It doesn't matter if you're
> >>> running
> >>>> TCP/IP or NetBeui, neither one will compromise your security, but
> >>>> having
> >>> WEP
> >>>> instead of WPA will.
> >>>>
> >>>> Matt Gibson - GSEC
> >>>>
> >>>>
> >>>
> >>>
> >>
> >>
> >
> >
>
>