NetBios

I am having some difficulty understanding the relationship between the
'NetBios TCP/IP Helper Service' versus the 'NetBios over TCP/IP' setting in
the Network Properties Configurations - Internet Protocol (TCP/IP) -
"Properties" - "Advanced" - "WINS" - NetBios Setting (enable, disable, etc).
We have Windows 2000 and Windows 2003 servers, and use DNS for name
resolution. For security reasons, we 'Disable NetBios over TCP/IP' in the
network configurations. We do not experience any problems with this disabled.
However, when I stop the NetBios TCP/IP Helper Service, we run into a
multitude of problems ranging from problems with GPO's in our AD to loss of
backup functionality of our back up/disaster recovery system (i.e. during the
backup of SQL server databases using our backup system, firewall logs show
that the Management server is able to communicate with the client servers,
but the client servers cannot communicate back to the Management server.
There are no firewall rules blocking this).

Why can the network configuration have a disabled NetBios setting, but yet
the NetBios helper service has to be running?
Is security compromised by having the 'NetBios TCP/IP Helper Service' run?

I haven't been able to find any good documentation that describes the two in
relation to one another.

Information would be greatly appreciated!

AB

NetBios TCP/IP Helper Service is necessary for File and Printer Sharing as
well as GPO propagation, remote Computer Management, and a number of other
functions. As to why this is so, well .......... it's by design?

NetBIOS over TCP/IP is also required for a number of functions such as
Exchange and the Computer Browser service. Enabling NetBIOS does not
especially affect network security - even if it is disabled, you still need
protection from external threats and Windows provides multiple protection
mechanisms to manage security on the internal network.

Doug Sherman
MCSE, MCSA, MCP+I, MVP

"amb_66" <(E-Mail Removed)> wrote in message
news:F2530C9C-A2A1-4E04-84A0-(E-Mail Removed)...
> I am having some difficulty understanding the relationship between the
> 'NetBios TCP/IP Helper Service' versus the 'NetBios over TCP/IP' setting
in
> the Network Properties Configurations - Internet Protocol (TCP/IP) -
> "Properties" - "Advanced" - "WINS" - NetBios Setting (enable, disable,
etc).
> We have Windows 2000 and Windows 2003 servers, and use DNS for name
> resolution. For security reasons, we 'Disable NetBios over TCP/IP' in the
> network configurations. We do not experience any problems with this
disabled.
> However, when I stop the NetBios TCP/IP Helper Service, we run into a
> multitude of problems ranging from problems with GPO's in our AD to loss
of
> backup functionality of our back up/disaster recovery system (i.e. during
the
> backup of SQL server databases using our backup system, firewall logs show
> that the Management server is able to communicate with the client servers,
> but the client servers cannot communicate back to the Management server.
> There are no firewall rules blocking this).
>
> Why can the network configuration have a disabled NetBios setting, but yet
> the NetBios helper service has to be running?
> Is security compromised by having the 'NetBios TCP/IP Helper Service' run?
>
> I haven't been able to find any good documentation that describes the two
in
> relation to one another.
>
> Information would be greatly appreciated!
>
> AB
>