NBNS (Netbios) storm, how to prevent?.
Interesting discussion that made me figure out my problem — my laptop had a printer mapped to a networked windows printer which caused it to keep sending nbns broadcasts.
Tag Archives: nbns
Packetstan: NBNS Spoofing on your way to World Domination
Since the look up is just a hostname, windows adds the local DNS suffix to the query and asks its DNS server(s). The suffix picked up my the Windows box usually comes from the DHCP server. As you can see, the DNS server replied that it had no idea on how to lookup that name. Next, you’ll see the NBNS Request. The beautiful thing is, the NBNS Request is a broadcast, so anyone can reply easily and redirect traffic.
via Packetstan: NBNS Spoofing on your way to World Domination.
NetBIOS/NBNS
NBNS serves much the same purpose as DNS does: translate human-readable names to IP addresses e.g. www.wireshark.org to 65.208.228.223. As NetBIOS can run on top of several different network protocols e.g. IP, IPX, …, other implementations of the NetBIOS services have their own mechanisms for translating NetBIOS names to addresses. NBNS’s services are more limited, in that NetBIOS names exist in a flat name space, rather than DNS’s hierarchical one multiple flat name spaces can exist, by using NetBIOS scopes, but those are rarely used, and NBNS can only supply IPv4 addresses; NBNS doesn’t support IPv6.