Powershell to disable NetBIOS over TCP/IP

You don’t need your machines talking to each other via NetBIOS over TCP/IP. Turn this off to cut down on network chatter and reduce your attack surface.¬† The following PowerShell is useful¬†as step during OS deployment (one-off config), or as a Group Policy startup script (every boot).

# disable NetBIOS over TCP/IP on new adapter (legacy protocol not required)
$NETBIOS_DISABLED=2
Get-WmiObject Win32_NetworkAdapterConfiguration -filter "ipenabled = 'true'" | ForEach-Object { $_.SetTcpipNetbios($NETBIOS_DISABLED)}

For DHCP clients you can disable NetBIOS over TCP/IP using a DHCP option
dhcpoption


Find more IT Infrastructure tips at www.alexmags.com

Leave a Reply