NetBEUI

Printable View

December 9th, 2002, 12:03 PM
DVOM

1 Attachment(s)

NetBEUI

We've been using just TCP/IP on our 7 machine w2k P2P network. I'm wanting to switch the LAN to NetBEUI for file and print sharing. It looks like this would be a more secure option.

Is all I need to do is uncheck TCP/IP in both options as shown in the attachment? (on all machines) Is a reboot of all the machines then necessary? And lastly do I have to do anything additionally with TCP/IP as far as the internet goes?

Thanks much
December 9th, 2002, 04:51 PM
TropicalBound

Well, to unbind TCP/IP from your adapter, yes, uncheck it and then reboot.

However, without TCP/IP you will not access the internet.
December 9th, 2002, 05:10 PM
shiva_42

DVOM:

Are you accessing the 'net via a dial-up modem or a broadband connection? If you are dial-up, then you can specifically bind the TCP/IP protocol to ONLY the modem, with NETBEUI bound to the NIC.

If you are on a broadband connection, you will still need to maintain the TCP/IP binding to the NIC to facilitate Internet access.

:D
December 9th, 2002, 09:31 PM
Pakrat

1 Attachment(s)

I think this way is more simple.

Under TCP/IP properties, Advanced Button, WINS Tab. Disable NetBIOS over TCP/IP.
December 9th, 2002, 10:17 PM
DVOM

Thanks for the info people.

Well, I thought I could separate "file and printer sharing" from the internet but according to TropicalBound's and shiva's posts that isn't so. Only one NIC in each machine as we're on DSL modem and router. Each machine and the router has a separate IP assigned by the ISP so no DHCP action here.

So I'm left thinking I should just stay with what I've got, TCP/IP for the whole works and not install NetBEUI at all.

Then to make a baseball analogy, I'm sitting here at the plate with an 0-2 count and thinking I'm starting to understand the game and then PakRat comes in and throws me a changeup. Ooops, slipped the third one by me...lol. 0-3!

So what's necessary to separate file sharing from the internet?

And PakRat, if I'm not using NetBEUI, how does what you're telling me apply?

I've drilled down to the level where I'm clueless here. Always nice to find out that sort of thing before it's critical. Sure don't want to find it in an emergency.
December 9th, 2002, 10:58 PM
Newt

Do install NetBeui if you want.

Then do what Packrat suggested and you will have TCP/IP for internet use but it won't talk to some of your local stuff so you will have the isolation you want.

NetBios <> NetBeui.
December 9th, 2002, 11:12 PM
flachebaq

How are you determining that NetBUEI is more secure than TCP/IP? Actually, in my mind TCP/IP is ten times more secure because it is a routable protocol. NetBUEI is a broadcast protocol that is actually going to degrade your network performance because it will be broadcast to all workstations on the network. If you're worried about someone getting into your network over the Internet, just use a non-routed address range like 10.x.x.x or 192.168.x.x. Using NetBUEI is also going to limit what kind of devices you can put on your network and what kind of network software you can use.
December 10th, 2002, 01:07 AM
Pakrat

"So what's necessary to separate file sharing from the internet?"

NetBEUI, or a firewall at the router to block any file sharing ports from entering or exiting the network.

"And PakRat, if I'm not using NetBEUI, how does what you're telling me apply?"

What I told you will turn off NetBIOS over TCP/IP = File Sharing over TCP/IP = File Sharing on the internet.

"How are you determining that NetBUEI is more secure than TCP/IP?

Because NetBEUI does not go onto the internet. This was DVOM's goal. While there may not be any security on his LAN, file sharing is secured from the Internet.

"in my mind TCP/IP is ten times more secure because it is a routable protocol."

Just the fact that it goes onto the internet makes it that much more insecure. Please read my comments later in this post regarding routing file sharing.

"NetBUEI is a broadcast protocol"

True, and yes it has the possiblity of degrading network performance. Using it is something that is left up to whomever is running the network. I personnally will take NetBEUI over NBoTCP/IP anyday for a smaller network.

"Using NetBUEI is also going to limit what kind of devices you can put on your network and what kind of network software you can use."

He isn't getting rid of TCP/IP, he just wants to share files on his LAN without sharing them to the Internet. All his programs will continue to work fine.

"I thought I could separate "file and printer sharing" from the internet "

Here it is: YOU CAN! TCP/IP and NetBEUI have nothing to do with each other, they work completely independent from each other. Follow my suggestion with disabling NetBIOS over TCP/IP and you've stopped file sharing over TCP/IP. Install NetBEUI and you are file sharing, but it will not go past your router.

My biggest problem with NetBIOS over TCP/IP (may not be applicable here) is that if you are on a high speed connection (DSL, Cable) and you have 2 or more IPs on different subnets(common)- File sharing has to go out to the first router, and back to your PC! Slows the connection (1st), puts your file sharing on the internet (2nd). When NetBEUI wouldn't even go past your cable/DSL modem. And NetBEUI works better with Network Neighborhood/My Network Places.

Understand, I am defending NetBEUI with my opinion.

You have to look at how useful NetBEUI is. I have one PC (65.x.x.x) on a (192.168.x.x) network, sharing files, using NetBEUI. I do also have the option of file sharing through the router on TCP/IP, but that is hella slow.

My message was a little lengthy, because I felt flachebaq, you were trying to say 'don't do that' (w/attitude). DVOM has a reasonable reason to do it.
December 10th, 2002, 02:41 PM
DVOM

Thanks for all the input here. My biggest problem was I didn't understand the subject matter, however with the suggestions here and some of my own digging I've got a handle on it now. Figuring out file and printer sharing IS NetBIOS was what I needed.

So what I'll do is leave things as they appeared in my first attachment, then unbind NetBIOS from TCP/IP as PakRat's attachment indicated.

I found this page talking about what we're covering and some other aspects of the various protocols. Some interesting things said about "ShieldsUp" down near the bottom of the page.
December 10th, 2002, 08:38 PM
alphanumeric

It's really very simple to separate the bindings.
Start, settings,
win 2k right click Network and dial-up connections and select properties.
win XP right click network connections and open.
Now select advanced and then advanced settings and click away.
December 12th, 2002, 03:56 PM
DVOM

Thanks for all the help, I've got it up and running on my 2 machine w2k network at home.

One thing I noticed while experimenting was if one machine is setup to use NetBEUI while the other machine is set to use TCP/IP on the network, the NetBEUI machine (NetBIOS unbound from TCP/IP) can find and access the TCP machine using the IP address.

However, the opposite is not true. The TCP/IP machine can only ping the NetBEUI machine. Otherwise it cannot find it or access it on the network by any means. I've switched the setups so this isn't machine specific. This type of isolation is what I wanted.

Is this behavior normal? TIA
December 13th, 2002, 10:33 PM
Newt

If you can ping a machine, both have TCP/IP. Maybe not connecting via that protol but certainly have it loaded.

Ping does not exist with NetBeui or IPX. It sends a packet to an IP address and gives you feedback about response to that packet. Neither of the other protocols has the first clue about an IP address. Don't have em, don't understand em, can't use em.
December 14th, 2002, 12:20 PM
DVOM

Thanks Newt, I think that's why the NetBEUI machine can see the TCP/IP machine, both machines have TCP/IP loaded. While the opposite isn't true, they both DON'T have NetBEUI loaded.

I'm going to switch our LAN over later this morning.