NetBIOS
 

Hi All

When it comes to configuring Routers & NAS I'm Lost.

VirginMedia has sent me 4 letters about my NetBIOS vulnerability.
I have my Router on LOW. If it is anything Else I can't Download or access my NAS via my mobile phone away from home. Medium up is too restrictive.

What has it got to do with VM if I have it open. Why don't they mind their own business...

How do I configure my Router & NAs box to still receive files & share n to let me access them anywhere I want. Plain English would be nice. as I am a bit dull with these things.

Re: NetBIOS
 

What model of Router & NAS do you have?

Re: NetBIOS
 

Virgin shrub 2, I think. Blue with Wi-Fi Button on side. D-Link ShareCentre DNS-320L.
I disabled the Netbios so far and put the router Firewall into Medium..So far the download is doing OK. Though I have Not switched off the Router n switched back on. Got a feeling when I do, it will not download anything. All Ports are closed according to "Shields Up"

Re: NetBIOS
 

VM are minding their own business. They're an ISP and you're running equipment in a vulnerable state on their network. NETBIOS is easy to exploit over the internet, and an attacker can easily get into your local network, access your machines and/or hook you up to a bot net if you're exposed in this way.

NETBIOS/SMB operates over ports 137,138,139,445. It could be that you just have these ports exposed and it's triggered an automatic warning, but I doubt it as I've seen similarly unguarded networks a hundred times over and nobody has received anything about netbios vulnerabilities from VM.

Why do you need your SH firewall set to low or off in order to access the shares? Can't you simply put the NAS on a static LAN IP, then set up a port forward to the NAS UI and leave the firewall in situ? You would then be able to harden the NAS itself (e.g. restricting access to particular IPs and/or MACs, setting a very strong password etc).

Alternatively, much better yet, throw the SH into modem mode and set up a proper firewall appliance (e.g. pfSense). I can't envisage any reason you need to expose your local NETBIOS/SMB over the wider internet.

Re: NetBIOS
 

Never had a problem in all the years I have used Internet. Why all the cry about it now.
Is OK for someone like yourself to tell us these things (Appreciated) but you understands it all (I do NOT) Hundreds n Thousands don't understand it. All Ports are now STEALTHED ! since I unticked NetBios and put Router on Medium. Alas I getting confused in trying to let my ROUTER & NAS to share my Photography etc.
Doing the Static IP & restricting access to particular IPs etc is a bit beyond me I'm afraid.
PORT BLOCKING asks for a Start & End number, a Name for the Rule & a IP address. Not got a clue as to what to put in there. Anyway, Nothing I going to do will Stop those Intent on accessing my ports/NAS if that is what they want to do. I guess I'm Lucky after 15/20 years of use. Any Help that is easy to Follow would be Appreciated instead of the Chastisement..Thank You

Re: NetBIOS
 

Probably because the number of botnets (a botnet is a group of devices that can be controlled by a hacker), despite many high profile takedowns, is increasing. It's no longer only computers being affected. One recent major attack was launched using a botnet composed mainly of Wifi connected cameras and routers. http://arstechnica.co.uk/security/20...-the-internet/

I am not chastising and I hope I don't sound like I am, but saying that nothing you do will stop those with intent on accessing your network is like saying nothing you do will stop those with intent breaking into your house. As with your house, doing what you can to secure it may not stop someone determined and knowledgeable breaking in, but it will reduce the probability of someone breaking in.

Re: NetBIOS
 

Thanks Stuart..& RainmakerRaw----
Is there guidance anywhere that shows us how to Secure my NAS box but still let me access it anywhere & or still share it if needed.. D-Link ShareCentre DNS-320L.

I see someones LG smart TV got Ransomeware on it. At least with a PC, one can FORMAT n start again if needed..HAPPY NEW YEAR folks.

Re: NetBIOS
 

When I put my Shrub on MEDIUM, I can NOT download a darn thing. LOW works a treat.
With my D-Link NAS on OFF all my Ports are STEALTHED.
When my D-Link is ON, the D-Link is open to the World...Has to be Open for me to access it anywhere in the world. So if you know how to solve my D-Link for me to access it anywhere but exclude the world, Please do tell. Solved my Printer, When it's switched off LOL. Wrote a 2 page letter to Virgin media in LLansamlet to tell them to either Tell Everyone what they on about and in plain English how to solve it OR STOP sending me the letters. The Port numbers they refer to have Nothing to do with me.