
I just came across this page ("Direct hosting of SMB over TCP/IP"). It's quite old, so I can't be sure if it's the standard these days. It refers to disabling NetBIOS over TCP and disabling WINS, which suggests that it's still not the standard or default way SMB works these days, at least in many smaller networks.

Is this page still relevant, and if it is, how do I know whether it's a good idea?

My network here is Win 8.1/10 talking SMB 3.x to FreeNAS 11 (Samba 4.5+) if it helps.

Update:

Based on comments below I've updated the question to reflect the point of confusion:

If it's now standard to disable it, clearly none of the Win 8.1/10 PCs and Server 2016/Samba 4.5+ servers on my local network ever got the memo. (Nor did I.) It's all still running on ports 137-139 despite being 100% modern devices that should apparently be preferring a newer approach.

I can imagine that when NetBIOS over TCP is disabled in a small local network without AD, the host announce/locate functions used to enumerate devices offering shares/printers migrate to DNS (or host file lookup), and the actual client-server traffic runs much as before only on a different port and more modern protocol.

I can add specific hosts to my local DNS resolver and I'm running DHCPD locally, if that helps. I might run RADIUS in future but not at the moment.

On reflection, I'm confused about server enumeration, and what I need to do, to move off the old approach (= changes needed to how I currently configure the clients/servers).

  1. How it works? If the old BROWSER functions on ports 137-139 are disabled, how does enumeration by a client of local shares work? Where do available servers and peers offering shares make themselves known? How do potential clients "know" which other local devices offer file or printer shares, and if a device starts to offer a newly created share, or starts to offer a share when it didn't previously, how do existing LAN devices discover this?
  2. What changes I have to make, so it'll work that way? On Windows 8.1/10, apart from the checkbox "Disable NetBIOS over TCP", what else do I have to do, to move my local SMB file shares off the old protocols, off ports 137-139, and onto port 445 or whatever the current practice is?
Stilez
  • Yes it is standard. "Direct Hosting" means not using Netbios over TCP/IP, which is only used by organizations that want to have a major security incident. – Greg Askew Jul 07 '17 at 13:33
  • In that case, what is the standard practice these days for setting up a network suitable for SMB in smaller networks where there isn't AD? Or is that a separate question? It looks from above that traffic would be on 445 but I'm still seeing it on 137-139. That's what is confusing me at the moment. – Stilez Jul 07 '17 at 16:53
  • The standard practice is to disable Netbios over TCP/IP. That is what uses those ports. – Greg Askew Jul 07 '17 at 18:33
  • Thanks, that's helpful, and lets me define the question better. See update for the point(s) of confusion in my question. Now I'm more sure of current practice, I think those are actually what I mean to ask. – Stilez Jul 08 '17 at 10:06
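
An added example, not part of the original question or comments: a PowerShell audit for a Windows 8.1/10 host that shows the per-adapter NetBIOS over TCP/IP setting, the local listeners on ports 137-139 and 445, and which remote port the established SMB sessions use. The `-Disable` switch and the output layout are choices made for this example; run it from an elevated prompt.

```powershell
# Added example (not from the thread): audit NetBIOS over TCP/IP (NetBT)
# versus direct-hosted SMB on this host. -Disable is this example's own switch.
param([switch]$Disable)

# Win32_NetworkAdapterConfiguration.TcpipNetbiosOptions:
#   0 = take the setting from DHCP, 1 = enabled, 2 = disabled
$meaning = 'Default (from DHCP)', 'Enabled', 'Disabled'

$adapters = Get-CimInstance Win32_NetworkAdapterConfiguration -Filter 'IPEnabled = TRUE'

'--- NetBT setting per IP-enabled adapter ---'
$adapters |
    Select-Object Description,
        @{ n = 'NetBT'; e = { $meaning[[int]$_.TcpipNetbiosOptions] } } |
    Format-Table -AutoSize

'--- TCP listeners: 139 = SMB over a NetBIOS session, 445 = direct hosting ---'
Get-NetTCPConnection -State Listen -LocalPort 139, 445 -ErrorAction SilentlyContinue |
    Sort-Object LocalPort |
    Select-Object LocalAddress, LocalPort |
    Format-Table -AutoSize

'--- UDP endpoints: 137 = NetBIOS name service, 138 = NetBIOS datagram ---'
Get-NetUDPEndpoint -LocalPort 137, 138 -ErrorAction SilentlyContinue |
    Select-Object LocalAddress, LocalPort |
    Format-Table -AutoSize

'--- Established outbound sessions grouped by remote port ---'
Get-NetTCPConnection -State Established -RemotePort 139, 445 -ErrorAction SilentlyContinue |
    Group-Object RemotePort |
    Select-Object @{ n = 'RemotePort'; e = { $_.Name } }, Count |
    Format-Table -AutoSize

if ($Disable) {
    # Same effect as the "Disable NetBIOS over TCP/IP" option in the adapter's
    # WINS tab, applied to every IP-enabled adapter.
    foreach ($a in $adapters) {
        $r = Invoke-CimMethod -InputObject $a -MethodName SetTcpipNetbios `
                 -Arguments @{ TcpipNetbiosOptions = [uint32]2 }
        # ReturnValue 0 = success, 1 = success but a reboot is required
        '{0}: SetTcpipNetbios returned {1}' -f $a.Description, $r.ReturnValue
    }
}
```

Run it once without `-Disable` to record the baseline, then again after the change to confirm that the 137-139 rows are gone while the 445 sessions remain.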

0 Answers