I'm a junior system engineer looking for some advice on disabling NBNS (NetBIOS Name Service) in our network. I noticed a lot of NBNS traffic while analyzing our subnet with Wireshark, particularly from laptops. Here are my questions: If DNS records are operational, why do we still see NBNS/LLMNR traffic? How can I identify if anything in our environment depends on these protocols before turning them off? What is the best way to test this safely in a production setting? Also, are there typical issues that arise when disabling these protocols, like problems with apps, printers, or shared resources? I appreciate any guidance you can provide!
5 Answers
The best practice is to disable NetBIOS for your domain controller. This can be done either manually or using Group Policy. It's recommended by CIS and other security guidelines. If you have a solid DNS setup like Active Directory, NetBIOS is pretty much unnecessary. Just make sure to follow a safe procedure!
It's generally considered an outdated protocol. Go ahead and turn it off; you might not even notice any difference. If something is using it, you'll hear about it soon enough!
NBNS and LLMNR are still commonly used for local name resolution, even when DNS works. To find out what might rely on them, you could monitor server logs and do a gradual disable in a controlled test environment first. Just a heads up, legacy applications, printers, or local shares could break when you turn this off. It’s all about careful, staged testing! You could use something like Jama Connect for tracking any dependencies and keeping your changes organized.
It's mostly not used by modern Windows systems; it mainly relates to certain hardware. Unless you need PXE booting and your DNS server isn't set up for that, I’d recommend disabling it. You can always turn it back on if needed.
I call it the "scream test"—just disable NBNS and see if anyone complains. Most likely, it will be silent, but it’s good to be cautious.
Related Questions
Can't Load PhpMyadmin On After Server Update
Redirect www to non-www in Apache Conf
How To Check If Your SSL Cert Is SHA 1
Windows TrackPad Gestures