Microsoft has started the process of disabling NetBIOS name resolution in Windows. The OS will come with a Learning mode as the default, where NetBIOS is only used as a fallback after mDNS & LLMNR queries fail. Apart from mDNS which is considered a modern standard for multicast name discovery, Windows supports other multicast name resolutions protocols like NetBIOS name resolution and LLMNR. This, however, is about to change following the recent announcement.
Microsoft begins turning off the NetBIOS name resolution in Windows
In a recent blog post, Tommy Jensen of Windows Core Networking highlighted that the NetBIOS name resolution and LLMNR protocols are rarely used today. Still, keeping them active increases the chances of the Attack surface of devices and expands the load on the networks they use, unnecessarily. As such, it makes sense to discard these protocols but disabling these protocols needs to be balanced with real-world deployments which may still depend on them.
Going forward, NetBIOS name resolution has been disabled for cellular interfaces as it is rarely applicable there. As for Dev and Beta Insider builds of Windows where the protocol is only used as a fallback after mDNS and LLMNR queries fail, it has been placed in Learning Mode.
Tommy Jensen also has a word of caution – In case the new change causes any connectivity issues, users can choose to restore the previous NetBIOS name resolution functionality by enabling the Configure NetBIOS settings Group Policy and selecting one of the allow or learning modes.
The Group Policy can be found at the following location –
Computer Configuration > Administrative Templates > Network > DNS Client
Also, it’s possible to restore the behavior via Registry Editor.
Go to the following path address –
There, create a REG_DWORD called ‘EnableNetbios’ and use the Edit String box to set the value to one of the following:
- 0 – Disabled
- 1 – Allowed
- 2 – Disabled on public networks
- 3 – Learning mode (set as default in Insider builds)
Microsoft believes it is a step in the right direction.
Read: How to disable NetBIOS and LLMNR Protocols via GPO.