Version: 2008
  • On The Insider: Britney's Bikini-Clad Top 10

Windows 2000 NetBIOS Name Server Protocol Spoofing Vulnerability Patch

  • Quick specs
  • Price: Free
  • Operating system: Windows 2000
  • Date added: July 31, 2000
  • Total Downloads: 19,995
  • Downloads last week: 1
  • See full specifications
Add to my list Add to my Watch List
Download Now (258.53K)
Tested spyware free

Publisher's description

From Microsoft :

The NetBIOS Name Server (NBNS) protocol, part of the NetBIOS over TCP/IP (NBT) family of protocols, is implemented in Windows systems as the Windows Internet Name Service (WINS). By design, NBNS allows network peers to assist in managing name conflicts. Also by design, it is an unauthenticated protocol and therefore subject to spoofing. A malicious user could misuse the Name Conflict and Name Release mechanisms to cause another machine to conclude that its name was in conflict. Depending on the scenario, the machine would as a result either be unable to register a name on the network, or would relinquish a name it already had registered. The result in either case would be the same the machine would not respond requests sent to the conflicted name anymore.

If normal security practices have been followed, and port 137 UDP has been blocked at the firewall, external attacks would not be possible. A patch is available that changes the behavior of Windows systems in order to give administrators additional flexibility in managing their networks. The patch allows administrators to configure a machine to only accept a name conflict datagram in direct response to a name registration attempt, and to configure machines to reject all name release datagrams. This will reduce but not eliminate the threat of spoofing. Customers needing additional protection may wish to consider using IPSec in Windows 2000 to authenticate all sessions on ports 137-139.

Microsoft created this patch to eliminate this security vulnerability.

ACDSee Photo Manager
Manage and share your photos.
Download Now

More popular Encryption Software downloads

  1. 37,105 downloads 1. RoboForm
  2. 29,307 downloads 2. Hotspot Shield
  3. 25,495 downloads 3. Computer Use Reporter
  4. 9,596 downloads 4. Easy File Encryption
  5. 8,661 downloads 5. Easy Private Disk
  6. See all Encryption Software downloads
J. River Media Center
Organize and play audio, video, images, TV, Web media.
Download Now

User reviews

Submit your review

Log in or create an account to submit your review for:

Windows 2000 NetBIOS Name Server Protocol Spoofing Vulnerability Patch

ORLog in with your Facebook account
1. Rate this product:
(Mouse over the stars to rate this product and click to set your rating.)
2. One-line summary:(Summarize your review in one line. 10 characters minimum; required.)
0 of 55 characters
3. Pros:(Tell us what you like about this product. 10 characters minimum; required.)
0 of 250 characters
4. Cons:(Tell us what you don't like about this product. 10 characters minimum; required.)
0 of 250 characters
Bottom-line summary:(Explain to us in detail why you like or dislike the product, focusing your comments on the product's features and functionality, and your experience using the product. This field is optional.)
0 of 5000 characters

The posting of advertisements, profanity, or personal attacks are prohibited.
Click here to review our site terms of use.

Submit
See more CNET content tagged:
Microsoft Windows 2000,
NetBIOS,
patch,
protocol,
security

advertisement
download
Site map
Help center
Our software policies
Newsletters
Submit software
Popular topics
Apple iPhone
Apple iPod
Cell phones
Dell
GPS
LCD TV
CNET sites
CNET Site map
CNET TV
Downloads
News
Reviews
Shopper.com
More information
Newsletters
CNET Mobile
Customer Help Center
RSS
CNET Widgets
About CNET