Sida loo damiyo NetBIOS iyo borotokoolka LLMNR iyadoo loo sii marayo GPO

Isticmaalayaasha Windows(Windows) qaarkood ayaa ka shakisan laba borotokool, NetBIOS over TCP/IP iyo LLMNR . Hab-maamuusyadani waxay mas'uul ka yihiin waafaqidnaanta shabakaddaada iyo nooca Windows ee dhaxalka ah. Si kastaba ha ahaatee, kuwani aad bay ugu nugul yihiin weerarada MITM(MITM attacks) . Sidaa darteed, si loo kordhiyo amniga shabakadooda isticmaaleyaal badan oo Windows ah ayaa u janjeera inay joojiyaan NetBIOS iyo borotokoolka LLMNR(LLMNR Protocols.In) . Maqaalkan, waxaan ku arki doonaa sida loo joojiyo borotokoolka NetBIOS iyo LLMR(LLMR Protocols) iyadoo la adeegsanayo Tifaftiraha Siyaasadda Kooxda(Group Policy Editor) .

Haddii aad rabto in aad damiso NetBIOS iyo LLMR Protocol , waxa fiican in aad wax yar ka ogaato.

LLMNR  ama Link-Local Multicast Name Resolution waa hab-maamuus ay isticmaalaan IPV6   iyo IPV4 macaamiisha si ay u ogaadaan magacyada nidaamyada deriska ah iyada oo aan la isticmaalin DNS Server . Waxaa lagu soo bandhigay Windows Vista waxaana loo adeegsadaa noocyo ka dib. Markaa, haddii DNS aanu la heli karin borotokoolkan ayaa bilaabmaya.

NetBIOS over TCP/IP  waa borotokoolka dabagalka ee LLMNR  waxaana loo adeegsadaa in lagu daabaco LAN oo laga raadiyo agab. Haddii aad rabto inaad wax badan ka ogaato borotokoolkan, fur  Command Prompt  maamule ahaan oo ku qor amarkan soo socda.

nbtstat

Tani waxay soo bandhigi doontaa tirakoobka borotokoolka iyo xiriirka hadda jira ee TCP/IP iyadoo la isticmaalayo NetBIOS TCP TCP/IP .

Dami LLMR(LLMR) adoo isticmaalaya tifaftiraha Siyaasadda Kooxda(Group Policy Editor)

dami borotokoolka NetBIOS iyo LLMNR adoo isticmaalaya GPO

Waxaad ka joojin kartaa hab-maamuuska LLMR kumbuyuutarka adoo isticmaalaya tifaftiraha Siyaasadda Kooxda(Group Policy Editor) si fudud. Si taas loo sameeyo, billow Run  (Win + R), ku qor " gpedit.msc", oo ku dhufo  Gelida (Enter ) (hubi in GPO lagu dabaqo dhammaan goobaha shaqada ee domainka).

Hadda, u gudub meelaha soo socda.

Computer Configuration > Administrative Templates > Network > DNS Client

Laba jeer dhagsii " Demi xallinta magacyada guryaha badan ee caqliga leh(Turn off smart multi-homed name resolution) ", dooro  Enabled,  oo dhagsii  Apply > Ok.

Hadda, weydii dhammaan isticmaalayaasha inay sugaan Siyaasadda Kooxda(Group Policy) in la cusbooneysiiyo. Ama isticmaal amarkan soo socda si aad ugu qasbeyso cusboonaysiinta.

gpupdate /force

Sidan waxaad awood u yeelan doontaa inaad joojiso LLMR adoo isticmaalaya GPO .

Waxaad ka joojin kartaa LLMR gudaha kombayutarka Windows adiga oo kaashanaya amarrada PowerShell . Bilaw PowerShell(Launch PowerShell) maamule ahaan oo fuli amarada soo socda:

New-Item "HKLM:\SOFTWARE\Policies\Microsoft\Windows NT" -Name DNSClient  -Force
New-ItemProperty "HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\DNSClient" -Name EnableMultiCast -Value 0 -PropertyType
DWORD  -Force

Dami NetBIOS TCP/IP

dami borotokoolka NetBIOS iyo LLMNR adoo isticmaalaya GPO

Haddii aad tahay Windows 10 ama adeegsade Server , isticmaal tillaabooyinka soo socda si aad disable NetBIOS over TCP/IP .

  1. Ka soo saar  Control Panel  ka  Start Menu.
  2. Hubi in  Aragtidaada ay (View by ) u dejisay  astaamo waaweyn (Large icons ) oo guji  Network and Sharing Center > Change adapter setting
  3. Midig ku dhufo(Right-click) shabakada ku xidhan oo dooro  Properties.
  4. Dooro  Internet Protocol Version 4 (TCP/IPv4)  oo guji  Properties.
  5. Guji  Advanced > WINS > Disable NetBIOS over TCP/IP > Ok.

Sidan, waxaad ka curyaamisay NetBIOS TCP TCP/IP kumbuyuutarkaaga Windows

Dami NetBIOS(NetBIOS) TCP / TCP/IP oo wata GPO

Nasiib darro, ma jirto hab gooni ah oo lagu joojin karo NetBIOS TCP TCP/IP oo wata GPO . Si kastaba ha ahaatee, waxaanu  samayn doonaa faylka .ps1  si aanu sidaas oo kale u samayno.

Ku koobbi koodka soo socda ee  Notepad  oo u magacow "disableNetbios.ps1".(“disableNetbios.ps1”.)

$regkey = "HKLM:SYSTEM\CurrentControlSet\services\NetBT\Parameters\Interfaces"
Get-ChildItem $regkey |foreach { Set-ItemProperty -Path "$regkey\$($_.pschildname)" -Name NetbiosOptions -Value 2 -Verbose}

Hadda, fur  Tifaftiraha Siyaasadda Kooxda Maxalliga (Local Group Policy Editor ) oo tag meesha soo socota.

Computer Configuration > Windows Settings > Script (Startup/Shutdown) > Startup

Laba jeer guji  Startup, tag PowerShell Scripts, oo beddel " GPO kan, ku socodsii qoraallada sida soo socota" si aad marka hore u socodsiiso (For this GPO, run scripts in the following order” ) qoraalka  Windows PowerShell.(Run Windows PowerShell script first.)

Guji  ku Add > Browser  oo dooro faylka "disableNetbios.ps1" meesha uu ku yaal . Ugu dambeyntii, dhagsii  Apply > Ok  si aad u socodsiiso qoraalka.

Si loo qasbo isbeddelada midkood dib u bilaabo kombayutarkaaga ama dib u bilaw Adapterkaaga Network(Network Adapter) . Haddii aad rabto inaad aragto isbeddellada, isticmaal amarkan soo socda si aad u hubiso in NetBIOS ee ka TCP/IP ay naafada u tahay Adapters Network(Network Adapters) .

wmic nicconfig get caption,index,TcpipNetbiosOptions

Waxaan rajeyneynaa(Hopefully) , iyadoo la kaashanayo maqaalkan, waxaad awoodi doontaa inaad damiso Hab-maamuuska NetBIOS iyo LLMR(LLMR Protocols) adoo isticmaalaya GPO .

Akhri Xiga: (Read Next: )How to enable or disable NetBIOS over TCP/IP on Windows 10



Zara Barnes

About the author

Waxaan ahay injineer software leh in ka badan 10 sano oo waayo-aragnimo ah warshadaha software. Waxaan ku takhasusay abuurista iyo ilaalinta codsiyada software shaqsi iyo shirkad, iyo sidoo kale horumarinta qalabka horumarinta ee ganacsiyada yaryar iyo ururada waaweyn. Xirfadahaygu waxay ku jiraan horumarinta codeBase adag, wax ka saarista & qalabka tijaabinta, iyo inaan si dhow ula shaqeeyo isticmaalayaasha dhamaadka si loo hubiyo in codsiyadoodu u shaqeeyaan si aan cillad lahayn.


Related posts