How to disable Netbios on MacOSX (Leopard)
- April 14th, 2008
- Posted in Documentation
- Write comment
vi /etc/smb.conf
…
disable netbios = yes
smb ports = 445
…
Stop nmbd:
launchctl unload -w /System/Library/LaunchDaemons/nmbd.plist
Note: You may need to do the launchctl command a couple times. Not sure why but it did not always stop nmbd. Below is a portion of the nmbd.plist file. If set correctly to disable Netbios, you will see the KeepAlive instead of Enabled (the default).
Thanks. This is a very helpful.
Thanks. Just one question, how do I reenable it?
To reenable you should just have to do the opposite.
Remove the following lines you added to your /etc/smb.conf:
disable netbios = no
smb ports = 445
Start nmbd:
launchctl load -w /System/Library/LaunchDaemons/nmbd.plist
Hey again, thanks for the swiift response. Appreciate it cuz this is really helpful. Just needed to verify two things real quick
1. Where exactly in /etc/smb.conf should I add the line you stated above? If you can assist me I’d be grateful.
2. Finally, how do I disable the netbios client The NetBIOS client that sends out packet on port 137 or whatever?
Thanks a lot.
I added the lines just below the [global] label.
To disable the client, this should block the port from sending any traffic on port 137
http://jim-zimmerman.com/blog/?p=165
What do you think about disabling / Blocking ports 137, 138, 139 and 445 at the Router level (Hardware Firewall) – and then Reinforce such rules at the Mac side by blocking all incoming connections to sharing stuff and using Stealth Mode at Lions Firewall, and then Reinforce it again by using Little Snitch to block all applications to use such ports to any server. So far, it seems to work for me 😉
I thought about doing this with the firewall, but this did not seem like a real solution. Also, I could not do it at the router level, because this was an issue on a flat network. While you solution sounds like it will work, it seems to be a lot more work to accomplish something that should be simple.
does this code still apply? in particular to Lion? i keep getting netbios attacks on my computer.
@stephen
I do not know for sure, if this still applies to Lion. There is no smb.conf installed like Leopard. I know that there were quite a few changes that were supposed to be made to connect to Windows shares, but I have not found anything specific yet. However, if you do not have file sharing on using SMB, nothing would be listening on port 445. That is your first line of defense. If you are not behind a firewall, then you could enable the firewall in Lion and block all incoming traffic (under Security & Privacy). Start the firewall and click on the Advanced button, then check “Block all incoming connections.” However, this will block all incoming traffic, and may not be what you want. You should also be able to block the port using ipfw, but that is quite involved unless you use a front end application to manage it.
How do I disable this on Yosemite?
Unfortunately, I have not yet used Yosemite. As far as I know the firewall is the same, and could be blocked there.