Category: Networking Ports & Protocols

Major performance boost: Disable NETBIOS and related on all Windows NICs
article #1557, updated 2 days ago

NETBIOS is a very legacy protocol, security of it is very poor. Substantial performance gains by disabling it have been noticed. This is probably because when active it broadcasts constantly to every single NIC on its LAN, creating NIC and switch contention. Also, a large proportion of security violation exploits use it, so disabling becomes a very good idea in general. The only exceptions occur when there are needs to do SMB sharing with very old machines, machines all long out of support. By default, it is still active on all current Microsoft Windows operating systems.

Here is a paste to Powershell that does it all:

Get-CimInstance -ClassName 'Win32_NetworkAdapterConfiguration' | Invoke-CimMethod -MethodName 'SetTcpipNetbios' -Arguments @{ 'TcpipNetbiosOptions' = [UInt32](2) }

Get-WmiObject Win32_NetworkAdapterConfiguration | Invoke-WmiMethod -Name SetWINSServer -ArgumentList @('','')

$nicall = [wmiclass]'Win32_NetworkAdapterConfiguration'
$nicall.enablewins($false,$false)

Set-Service -Name "lmhosts" -StartupType Disabled
Stop-Service -Name "lmhosts"

The various bits are below.

Turn off NETBIOS over TCP/IP, for each NIC:

Get-CimInstance -ClassName 'Win32_NetworkAdapterConfiguration' | Where-Object -Property 'TcpipNetbiosOptions' -ne $null | Invoke-CimMethod -MethodName 'SetTcpipNetbios' -Arguments @{ 'TcpipNetbiosOptions' = [UInt32](2) }

Get rid of all WINS entries, if present (sorry, no CimInstance code yet):

Get-WmiObject Win32_NetworkAdapterConfiguration -Filter "IPEnabled='True'" | Invoke-WmiMethod -Name SetWINSServer -ArgumentList @('','')

Uncheck of LMHOSTS lookups:

$nicall = [wmiclass]'Win32_NetworkAdapterConfiguration'
$nicall.enablewins($false,$false)

Disable the service “TCP/IP NetBIOS Helper”:

Set-Service -Name "lmhosts" -StartupType Disabled
Stop-Service -Name "lmhosts"

If Microsoft DHCP is in use, DHCP can tell clients to do the simple disable, the first item above:

learn.microsoft.com/en-us/troubleshoot/windows-server/networking/disable-netbios-tcp-ip-using-dhcp



Below is another script, to reenable the protocols, though it does not try to put back any WINS server IPs that may have been deleted, and it cannot override Microsoft DHCP:

Get-CimInstance -ClassName 'Win32_NetworkAdapterConfiguration' | Invoke-CimMethod -MethodName 'SetTcpipNetbios' -Arguments @{ 'TcpipNetbiosOptions' = 0 }

$DisableLMHosts_Class=Get-WmiObject -list Win32_NetworkAdapterConfiguration
$DisableLMHosts_Class.EnableWINS($true,$true)
Set-Service -Name "lmhosts" -StartupType Manual
Start-Service -Name "lmhosts"

And if you want to combine the above with a new Microsoft standard preventing Windows port exhaustion:

Get-CimInstance -ClassName 'Win32_NetworkAdapterConfiguration' | Invoke-CimMethod -MethodName 'SetTcpipNetbios' -Arguments @{ 'TcpipNetbiosOptions' = [UInt32](2) }
Get-WmiObject Win32_NetworkAdapterConfiguration | Invoke-WmiMethod -Name SetWINSServer -ArgumentList @('','')
$nicall = [wmiclass]'Win32_NetworkAdapterConfiguration'
$nicall.enablewins($false,$false)
Set-Service -Name "lmhosts" -StartupType Disabled
Stop-Service -Name "lmhosts"
netsh int ipv4 set dynamic tcp start=49152 num=16384
netsh int ipv4 set dynamic udp start=49152 num=16384

Categories:      

==============

msftconnecttest.com
article #1578, updated 102 days ago

This is the Internet DNS name of a Microsoft server. On a Windows operating system, immediately before any and all of a wide variety of things occur, the machine will contact this server for some bandwidth and connectivity tests.

There are often issues with this. If attempt is made and fails, Windows may throw up a popup in the lower-right corner, asking for a mouse-click. Sometimes DNS servers lack this record for some reason, causing odd and unusual troubles. There have been other consequences.

There are ways to turn this off altogether. So far testing has found zero gotchas for shutting it off, it is not clear whether it is essential. The simplest way to do so, is probably to enable this item in local or domain group policy:

Computer Configuration
Administrative Templates
System
Internet Communication Management
Internet Communication settings
Turn off Windows Network Connectivity Status Indicator active tests

Categories:      

==============

A new Windows TCP/IP standard, preventing Windows Port Exhaustion
article #1556, updated 230 days ago

It appears that there is a new standard of Microsoft Windows TCP/UDP port setup. Their doc is here:

learn.microsoft.com/en-us/troubleshoot/windows-client/networking/tcp-ip-port-exhaustion-troubleshooting

I landed there because I saw event log items 4227, tcpip, “TCP/IP failed to establish an outgoing connection because the selected local endpoint was recently used to connect to the same remote endpoint. This error typically occurs when outgoing connections are opened and closed at a high rate…”

If you see lots of those events, or don’t, this paste gets us to the new standard:

netsh int ipv4 set dynamic tcp start=49152 num=16384
netsh int ipv4 set dynamic udp start=49152 num=16384

To see your current settings:

netsh int ipv4 show dynamicport tcp
netsh int ipv4 show dynamicport udp

And if you want to combine the above with full disable of NETBIOS and related:

Get-CimInstance -ClassName 'Win32_NetworkAdapterConfiguration' | Invoke-CimMethod -MethodName 'SetTcpipNetbios' -Arguments @{ 'TcpipNetbiosOptions' = [UInt32](2) }
Get-WmiObject Win32_NetworkAdapterConfiguration | Invoke-WmiMethod -Name SetWINSServer -ArgumentList @('','')
$nicall = [wmiclass]'Win32_NetworkAdapterConfiguration'
$nicall.enablewins($false,$false)
netsh int ipv4 set dynamic tcp start=49152 num=16384
netsh int ipv4 set dynamic udp start=49152 num=16384

Categories:      

==============

Set Priority of NICs/WNICs in Windows
article #1492, updated 594 days ago

So we have the situation where we have multiple network interfaces, possibly including wireless, and we want to set priority, so if one is connected, that one will be used. Here’s a good working procedure, all in Powershell.

  1. Get list of interfaces with the Windows index number for each:
Get-NetIPInterface | ft ifINdex,InterfaceAlias,AddressFamily

Now we have a list of interfaces and names. Each interface device may have two listings, one for IPv6 and one for IPv4. What we want is the index numbers for the two. On one machine, “Ethernet” was index 12, and “Wifi” was 18, but there will be wide variation.

  1. Priority is higher, for lower numbers. So if we want to set high priority for wired Ethernet when it’s present, we could set priority 10:
Set-NetIPInterface -InterfaceIndex "12" -InterfaceMetric "10"
  1. and to make it stick and work predictably, we set Wifi to priority 100:
Set-NetIPInterface -InterfaceIndex "18" -InterfaceMetric "100"

Categories:      

==============

Test UDP
article #1468, updated 823 days ago

One can do a basic test of TCP using Putty. UDP is another matter, one must have a server process and a sender. I found the simple sender and server written in Powershell here:

cloudbrothers.info/en/test-udp-connection-powershell/

to be excellent. In addition, if you want to know the identity of the process listening on a port, run this:

Get-Process -Id (Get-NetUDPEndpoint -LocalPort YourPortNumberHere).OwningProcess

Categories:      

==============

Bandwidth Needed Per VOIP Call
article #1425, updated 1098 days ago

100 Kbps is more than enough.

Categories:      

==============

FTP Conversation over TCP
article #1380, updated 1418 days ago

A great summary of FTP conversation over TCP:

https://www.ncftp.com/libncftp/doc/ftp_overview.html

Categories:      

==============

Mount SSH-shared Folders in Windows
article #1290, updated 1836 days ago

https://github.com/billziss-gh/sshfs-win

CLI command:

net use X: \\sshfs\login@hostname.fqdn

Categories:      

==============

Test network speed (bandwidth) between LAN machines
article #456, updated 1879 days ago

Here is a tool for this purpose:

https://iperf.fr/iperf-download.php

Categories:      

==============

LAN firewall settings for ESET
article #1098, updated 2421 days ago

Here they are:

https://support.eset.com/kb332/

Categories: