The simple FACTS about Netbeui

[Mr_Q 0]

You all have listed great reasons for and against. However, here are the simple facts. NetBeui *is* more secure than TCP/IP Why? Because when unbound from TCP/IP, as it should be, it is completely transparent to the internet. Your shares on your network will *only* be seen on *your* local network. You will *never* seem them on the internet as they do not exist in that pipeline. Combine that will killing Netbios over TCP/IP and your networking is virtually invisible. And that's even without a firewall. I find it odd that MS has killed it in favor of TCP/IP for local networking. Which, it's own wizard tells you, is an unsecure way to build a home network. That you better use a firewall! DUH! That's why you use NetBeui!

[clutch 1]

OK, I guess you want some attention to this as it's posted twice. Cool.

 

Here's the deal, if a PC is connected to others on a network, then it should be using some sort of NAT/PAT system to get out to the Internet. In that case, NetBIOS over TCP/IP isn't an issue. In addition, if you are running a switched system, packet sniffers get factored out as well (unless there is a system that is compromised and has a monitor on it designed for upper layer reading, but since it's compromised it wouldn't really matter anyway). NetBEUI is faster, but that's it. That's the only thing to gain with it. It generates a ton of message traffic, and is non-routable by nature. You can't use WINS with it on a small network for more reliable, centrally contolled NetBIOS name resolution. There is just little reason to mess with it. You claim that it's more secure, when in fact its "security" hinges on its faults rather than its abilities. Also, most of these systems are designed for a couple network functions in mind; ICS and AD. Both of which require TCP/IP to function. So, in other words, why bother?

[Mr_Q 0]

You are convincing me, but I am still worried. Here is my setup...

 

Cable modem

10/100 Switch

Two computers and a printer

Both computers connect to the i-net through the switch

Both computers are always on.

Both computers are using DHCP from the cable modem provider

No firewall, no NAT. NAT not needed because Cable modem company provides up to 8 DHCP allocated users per modem.

NetBios is diabled, Netbeui being used for local networking.

Computers have shared folder and printer sharing going on. These are setup through Netbeui only and Client for MS Network and File and Printer Sharing are only bound to NetBeui.

 

Can I use something else with XP to accomplish the above? And How?

IPX and TCP/IP maybe?

 

I prefer not to have to run a firewall.

[clutch 1]

TCP/IP would be a much better solution than IPX/SPX, as some apps will not work with that protocol (by the same token some apps, like games, will only work with that protocol) and IPX is on its way out. File and Print Sharing will work fine though, and you can enable NetBIOS over IPX/SPX to get the same "feel" as NetBEUI. I did this for a classroom network that contained both Novell 4.x and NT servers a couple of years ago. We could only use one protocol at a time for our telephony software (it ran in DOS on 486s, and had some hefty drivers to be loaded into conventional memory) and this was the only one that worked consistently enough on both systems. All 16 client systems had no problem connecting to both servers and sharing resources.

 

Now, what IP range is the modem giving out? Are they "real" (public) IPs, or just 192.blah blah or 10.blah blah? If each workstation can be pinged directly from the outside, then they are more than likely getting public addresses. Also, I have seen that some providers have canned NetBIOS traffic over IP, so there may not even be an issue for you.

[Mr_Q 0]

My provider spits out IP's from it's domain. Which is 24.234.xxx.xxx

The third number(gateway locator) and forth number(identifier) are random. They get fed from teh DHCP server. So they are public numbers. And technically anyone could scan to find an availible one and use it! But they find that out pretty quickly.

 

So I am thinking I should use IPX, but only fro my local networking and shares. I will bind file sharing to IPX only. For interent acces I will use TCP/IP as I always have. I would basically replace NetBeui with IPX.

 

That should work?

 

Now for my other issue. Why are neither machines seeing my workgroup? I have both XP boxes configured for TCP/IP currently and on the same workgroup. Yet nothing shows up, not even the local computers shares! How is that even possible? I am referring to the "Computer Near Me" area.

[clutch 1]

Can you browse them directly using "\\PCName\share"? If you can do this, yet not see the machines in Network Neighborhood, then it's due to not having a successful Master Browser selection on your network. A machine will always try to be the network Master Browser by default, and this just means that the machine in particular will hold and record the names of the computers on the network and their corresponding addresses. Usually, this is something you see with people that use TCP/IP w/NetBIOS that don't have a WINS box setup on their network. Sometimes, a Master Browser doesn't get selected due to repeated elections, it can't be contacted by the requesting client, or it doesn't pick up a freshly booted machine and hence doesn't cache its location. In general, name resolution without a DNS or WINS box on a network tends to be flaky at best.

[clutch 1]

Oh, and if security is REALLY your bag, then you may want to consider implementing IPSec policies on your workstations. This is for Win2K, so I don't know if the snap-ins are available in XP as of yet:

 

http://www.microsoft.com/windows2000/techinfo/planning/security/ipsecsteps.asp

[Mr_Q 0]

Thanks for the tips. I am using IPX for printer and file sharing and TCP/IP for internet access. File and Printer sharing are bound only to IPX. So those shares should be fairly "off" of the i-net for public viewing. And my internet provider doesn't use IPX at all. Just TCP/IP. So no one in my neighborhood(real one) should be able to peek inside my network.