NetBIOS: 137, 138, 139

Security Weaknesses:

  • Exposes sensitive information through enumeration attacks.

  • Susceptible to spoofing and DoS attacks.

  • Can be exploited for credential theft.

Security Defense and Mitigation Measures:

  • Disable NetBIOS if not needed.

  • Use strong authentication and encryption.

  • Limit NetBIOS traffic to internal networks only.

Indicators of Compromise or Attack:

  • Unauthorized NetBIOS name requests.

  • Unexpected NetBIOS traffic in network logs.

  • Brute-force attempts against NetBIOS resources.

PreviousRemote Procedure Call (RPC): 135NextInternet Message Access Protocol (IMAP): 143

Last updated