Securing WINS Servers

To protect a WINS server against these threats, you must take measures that limit the probability of a successful attack. The following measures can be taken:

  • Monitor membership in the WINS Admins group.

  • Validate WINS replication configuration.

  • Eliminate NetBIOS applications and decommission them.

Monitor Membership in the WINS Admins Group

Members of the WINS Admins group can modify the WINS server's configuration, including replication and the ability to add static WINS records to the WINS database. By restricting membership, you restrict who can make these modifications. Remember that members of the Server Operators and the local Administrators groups at the WINS server can also modify settings. Periodically review the membership of these administrative groups to ensure that members are authorized.

Validate WINS Replication Configuration

Periodically review the WINS replication configuration to make certain that sufficient connectivity exists between the deployed WINS servers. Sufficient connectivity enables full replication of the WINS database between all WINS servers. If a WINS server is removed from the network, duplicate WINS records, including false records, can be created in the WINS database.

Eliminate NetBIOS Applications and Decommission Them

Ultimately, attacks against a WINS server can be prevented by eliminating NetBIOS applications. Upgrade all applications that require NetBIOS to versions that do not.

You can disable NetBIOS on Windows 2000 clients by clicking Disable NetBIOS Over TCP/IP on the WINS tab of Advanced TCP/IP Settings for a network adapter. Alternatively, you can disable NetBIOS under Advanced Scope Options For A DHCP Scope by clicking the Microsoft Disable NetBIOS option under Microsoft Windows 2000 Options For DHCP Clients.

Ensure that NetBIOS is not used on the network before disabling NetBIOS at each Windows 2000-based computer. You can determine whether NetBIOS is required by monitoring the following Performance Monitor counters at each WINS server:

  • Windows Internet Name Service Server: Total Number Of Registrations/Sec

  • Windows Internet Name Service Server: Queries/Sec

  • Windows Internet Name Service Server: Successful Queries/Sec

Remember that if a client computer is configured with a WINS server's IP address, it will send queries to the WINS server.
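
The counter review described above can be run over a saved counter log. The following is an added example, not part of the original text: it reads a constructed CSV log and reports which WINS servers still saw registrations or queries. The CSV layout (a timestamp column followed by columns headed \\server\object\counter), the server names WINS01 and WINS02, and the function names are assumptions.

```python
import csv
import io

# Counter names as listed in the text; the CSV layout is an assumption.
COUNTERS = (
    "Total Number Of Registrations/Sec",
    "Queries/Sec",
    "Successful Queries/Sec",
)

# Constructed sample log: column 1 is a timestamp, the other columns are
# headed \\server\object\counter. A blank cell is a sample the logger missed.
SAMPLE_LOG = r'''"Time","\\WINS01\Windows Internet Name Service Server\Total Number Of Registrations/Sec","\\WINS01\Windows Internet Name Service Server\Queries/Sec","\\WINS01\Windows Internet Name Service Server\Successful Queries/Sec","\\WINS02\Windows Internet Name Service Server\Total Number Of Registrations/Sec","\\WINS02\Windows Internet Name Service Server\Queries/Sec","\\WINS02\Windows Internet Name Service Server\Successful Queries/Sec"
"03/01/2003 09:00:00","0","0.4","0.1","0","0","0"
"03/01/2003 09:15:00","0.2","1.3","0.9","0"," ","0"
"03/01/2003 09:30:00","0","0","0","0","0","0"
'''

def netbios_activity(log_text):
    """Return {server: {counter: peak value}} for the three WINS counters."""
    rows = csv.reader(io.StringIO(log_text))
    header = next(rows)
    columns, peaks = {}, {}  # columns: index -> (server, counter)
    for idx, path in enumerate(header[1:], start=1):
        parts = path.strip("\\").split("\\")
        if len(parts) == 3 and parts[2] in COUNTERS:
            columns[idx] = (parts[0], parts[2])
            peaks.setdefault(parts[0], dict.fromkeys(COUNTERS, 0.0))
    for row in rows:
        for idx, (server, counter) in columns.items():
            try:
                value = float(row[idx])
            except (ValueError, IndexError):
                continue  # blank or missing sample: skip it, do not treat as zero
            peaks[server][counter] = max(peaks[server][counter], value)
    return peaks

def servers_still_in_use(log_text):
    """Servers where any counter was non-zero, so NetBIOS clients remain."""
    return sorted(s for s, c in netbios_activity(log_text).items() if any(v > 0 for v in c.values()))

if __name__ == "__main__":
    for server, counters in netbios_activity(SAMPLE_LOG).items():
        state = "NetBIOS still in use" if any(counters.values()) else "no activity logged"
        print(server, state, counters)
```

A zero peak only covers the interval that was logged, so the log should span a period long enough to include infrequently used applications.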



Microsoft Windows Security Resource Kit
ISBN: 0735621748
EAN: 2147483647
Year: 2003
Pages: 189
