On Mon, May 4, 2009 at 6:35 PM, Jeremy Anderson <[email protected]> wrote: > I have investigated this a bit, and I just wondered if anyone had any > opinions they would like to share.
Short version: Lots of things depend on NetBIOS. That including lots of things from Microsoft. Most notably, Exchange Server 2003 and earlier. You can disable NetBIOS if you don't use any of those things, but myself, I'm not convinced that Microsoft has completely eliminated NetBIOS dependencies from their own stuff, let alone what third-party software houses do. > I have no legacy clients (but a lot of Mac's and Linux Machines) Samba has support for "SMB direct over IP", i.e., without NetBIOS. For several years now, I think. I'm not sure what software/components might still need/assume NetBIOS, though. I've never tried it; no idea how well it works. No idea about Mac. > Are there security pros and cons? Reducing attack surface is always a good thing for security, and cutting out the NetBIOS protocol would do that. > Will I have to ping machines by fqdn (i shouldn't, because the connection > suffix should append). Correct, ping (along with most everything else) should follow the rules for DNS lookups. > What about browsing shares? The browse list -- the list of computers on the network, AKA "Network Neighboorhood", AKA "My Network Places", etc. -- is a feature of NetBIOS. If you disable NetBIOS you'll lose that. You should still see the shares on a server if you connect to the server itself. > Currently I connect \\machinename\c$, will that change? That should still work the same. -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
