When I view "Network Neightborhood" or "My Network Places" under
Windows, a list of computers show up. How can I tell, under the
various versions of Windows, which ones are being accessed via
NetBUI and which ones are being accessed via TCP/IP?

It seems like this ought to be simple (e.g., right-click and
select properties - nope, that doesn't tell), but I can't find it.

Also (this might be harder) how can I list the other computers
which can see (or have viewed) shares from the current computer,
and how they're seeing them (NetBUI v. TCP/IP)?

Thanks,
-Dave

Hi.

Look at this page it written for another issue but it will show you how to
find and use protocol availability and binding:
http://www.ezlan.net/netbeui.html]

Jack (MVP-Networking).




"Dave Burton" > wrote in message
m...
> When I view "Network Neightborhood" or "My Network Places" under
> Windows, a list of computers show up. How can I tell, under the
> various versions of Windows, which ones are being accessed via
> NetBUI and which ones are being accessed via TCP/IP?
>
> It seems like this ought to be simple (e.g., right-click and
> select properties - nope, that doesn't tell), but I can't find it.
>
> Also (this might be harder) how can I list the other computers
> which can see (or have viewed) shares from the current computer,
> and how they're seeing them (NetBUI v. TCP/IP)?
>
> Thanks,
> -Dave

Thanks, Jack, that's a nice web page about how to enable NetBEUI
on a Win-XP box, but that's not what I'm looking for. I want to know
how to tell which protocol is actually being used for each of the other
computers whose shares I can see in Network Neighborhood.


"Jack" <JackMDS at veriz0n.net> wrote in message
...
> Hi.
>
> Look at this page it written for another issue but it will show you how to
> find and use protocol availability and binding:
> http://www.ezlan.net/netbeui.html]
>
> Jack (MVP-Networking).
>
>
>
>
> "Dave Burton" > wrote in message
> m...
> > When I view "Network Neightborhood" or "My Network Places" under
> > Windows, a list of computers show up. How can I tell, under the
> > various versions of Windows, which ones are being accessed via
> > NetBUI and which ones are being accessed via TCP/IP?
> >
> > It seems like this ought to be simple (e.g., right-click and
> > select properties - nope, that doesn't tell), but I can't find it.
> >
> > Also (this might be harder) how can I list the other computers
> > which can see (or have viewed) shares from the current computer,
> > and how they're seeing them (NetBUI v. TCP/IP)?
> >
> > Thanks,
> > -Dave

There is no easy way. A computer that is configured for multiple protocols will
attempt to connect to the remote computer with it's default protocol. For instance if
a computer has netbeui configured as it's default protocol for Client for Microsoft
Networks, it will attempt to access the remote computer with netbeui for share access
and if the remote computer is configured to use netbeui for file and print sharing
then the connection would use netbeui.

You can use netstat -an to see what your current tcp/ip connections are and
connections to port 139/445 TCP could be for network shares. A software firewall.
such as Sygate, can be used to log connections on ports 139/445 and the firewall
function itself can be disabled. That way you would at least know who is accessing
shares on tcp/ip. A packet sniffer, such as Ethereal can also be very useful in
examining network traffic between computers and has highly configurable capture
filters. --- Steve

"Dave Burton" > wrote in message
m...
> When I view "Network Neightborhood" or "My Network Places" under
> Windows, a list of computers show up. How can I tell, under the
> various versions of Windows, which ones are being accessed via
> NetBUI and which ones are being accessed via TCP/IP?
>
> It seems like this ought to be simple (e.g., right-click and
> select properties - nope, that doesn't tell), but I can't find it.
>
> Also (this might be harder) how can I list the other computers
> which can see (or have viewed) shares from the current computer,
> and how they're seeing them (NetBUI v. TCP/IP)?
>
> Thanks,
> -Dave

Why not just make life simple - and get rid of NetBEUI?


--
Noel Paton (MS-MVP 2002-2004, Win9x)

Nil Carborundum Illegitemi
http://www.btinternet.com/~winnoel/millsrpch.htm
http://tinyurl.com/6oztj

Please read http://dts-l.org/goodpost.htm on how to post messages to NG's

"Dave Burton" > wrote in message
m...
> When I view "Network Neightborhood" or "My Network Places" under
> Windows, a list of computers show up. How can I tell, under the
> various versions of Windows, which ones are being accessed via
> NetBUI and which ones are being accessed via TCP/IP?
>
> It seems like this ought to be simple (e.g., right-click and
> select properties - nope, that doesn't tell), but I can't find it.
>
> Also (this might be harder) how can I list the other computers
> which can see (or have viewed) shares from the current computer,
> and how they're seeing them (NetBUI v. TCP/IP)?
>
> Thanks,
> -Dave

Noel Paton wrote:
> Why not just make life simple - and get rid of NetBEUI?
>
Geez, if I wanted to make my life simple(and didn't need internet access)
NetBEUI would be the ticket.

Perhaps you can explain why Microsoft doesn't support it any more. It would
be an ideal second protocol for home users, if they
wanted to access the internet and also use a second protocol for file and
printer sharing.

Dick Kistler

http://support.microsoft.com/?kbid=306059


--
Noel Paton (MS-MVP 2002-2004, Win9x)

Nil Carborundum Illegitemi
http://www.btinternet.com/~winnoel/millsrpch.htm
http://tinyurl.com/6oztj

Please read http://dts-l.org/goodpost.htm on how to post messages to NG's

"Dick Kistler" > wrote in message
...
> Noel Paton wrote:
> > Why not just make life simple - and get rid of NetBEUI?
> >
> Geez, if I wanted to make my life simple(and didn't need internet access)
> NetBEUI would be the ticket.
>
> Perhaps you can explain why Microsoft doesn't support it any more. It
would
> be an ideal second protocol for home users, if they
> wanted to access the internet and also use a second protocol for file and
> printer sharing.
>
> Dick Kistler
>
>
>

"Noel Paton" > wrote in message
...
>
http://support.microsoft.com/?kbid=306059
>
>
> --
No reasons for discontinuing support there.

Yes, it's old. Yes it is used by all those old network clients, so what? Yes
it uses the OSI LLC2 protocol and is not routable.
Not being routable may be an advantage.

I understand that you can still use it. I still use it. I would just like to
have a believable explanation of why Microsoft has dropped
support for it.

Dick

Draw your own conclusions why this is a problem and if any pattern emerges.
Because netbeui is easy for the home user to configure.
Because one can deny sharing to TCP/IP if netbeui is used for the home
network.
Because the XP firewall wasn't designed to protect from netbios attacks.
Because it prevents snooping on your home network by "trusted" applications
and programs accessing the internet via exclusively TCP/IP.
Because the zombies educated by MS were programmed to respond with violent
and irrational responses when the phrase "netbeui" was uttered or written as
you may have seen so far.
Shall I go on?
"Dick Kistler" > wrote in message
...
>
> "Noel Paton" > wrote in message
> ...
> >
> http://support.microsoft.com/?kbid=306059
> >
> >
> > --
> No reasons for discontinuing support there.
>
> Yes, it's old. Yes it is used by all those old network clients, so what?
Yes
> it uses the OSI LLC2 protocol and is not routable.
> Not being routable may be an advantage.
>
> I understand that you can still use it. I still use it. I would just like
to
> have a believable explanation of why Microsoft has dropped
> support for it.
>
> Dick
>
>

"Lil' Dave" > wrote in message
...
> Draw your own conclusions why this is a problem and if any pattern
emerges.
> Because netbeui is easy for the home user to configure.
> Because one can deny sharing to TCP/IP if netbeui is used for the home
> network.
> Because the XP firewall wasn't designed to protect from netbios attacks.
> Because it prevents snooping on your home network by "trusted"
applications
> and programs accessing the internet via exclusively TCP/IP.
> Because the zombies educated by MS were programmed to respond with violent
> and irrational responses when the phrase "netbeui" was uttered or written
as
> you may have seen so far.
> Shall I go on?

Ok, sounds logical to me.

Pretty much what I thought.

Same guys that worked on Windows PE.

Dick Kistler

In article >, "Dick Kistler"
> wrote:
>Geez, if I wanted to make my life simple(and didn't need internet access)
>NetBEUI would be the ticket.
>
>Perhaps you can explain why Microsoft doesn't support it any more. It would
>be an ideal second protocol for home users, if they
>wanted to access the internet and also use a second protocol for file and
>printer sharing.

NetBEUI is available on the Windows XP CD-ROM. Please see this
Microsoft Knowledge Base article:

How to install NetBEUI on Windows XP
http://support.microsoft.com/?id=301041

It's an "unsupported" protocol, which means that Microsoft hasn't
tested it extensively and won't give technical help with NetBEUI
problems.

As I understand it, Microsoft wanted to drop NetBEUI completely, but
they were convinced to include it on the CD for compatibility with old
networks that use NetBEUI.

Why would they want to drop it? Probably because the Internet uses
TCP/IP and most XP computers are connected to the Internet.

I don't think that a second protocol is "ideal" under any
circumstances. Windows networking works best with a single protocol,
and using more than one can cause network browsing problems. Windows
XP has a built-in Internet Connection Firewall, so there's no need to
use a protocol other than TCP/IP for file and printer sharing.
--
Best Wishes,
Steve Winograd, MS-MVP (Windows Networking)

Please post any reply as a follow-up message in the news group
for everyone to see. I'm sorry, but I don't answer questions
addressed directly to me in E-mail or news groups.

Microsoft Most Valuable Professional - Windows Networking
http://mvp.support.microsoft.com

Steve Winograd's Networking FAQ
http://www.bcmaven.com/networking/faq.htm

Steve Winograd [MVP] wrote:
> In article >, "Dick Kistler"
> > wrote:
>> Geez, if I wanted to make my life simple(and didn't need internet
>> access) NetBEUI would be the ticket.
>>
>> Perhaps you can explain why Microsoft doesn't support it any more.
>> It would be an ideal second protocol for home users, if they
>> wanted to access the internet and also use a second protocol for
>> file and printer sharing.
>
> NetBEUI is available on the Windows XP CD-ROM. Please see this
> Microsoft Knowledge Base article:
>
> How to install NetBEUI on Windows XP
> http://support.microsoft.com/?id=301041

Yes, I know this. I have installed NetBEUI on my XP machine to
make it easier to communicate with Windows 95.

>
> It's an "unsupported" protocol, which means that Microsoft hasn't
> tested it extensively and won't give technical help with NetBEUI
> problems.

I understand this, but I haven't seen a believable reason for the decision.
There must be millions of systems that use NetBEUI.

>
> As I understand it, Microsoft wanted to drop NetBEUI completely, but
> they were convinced to include it on the CD for compatibility with old
> networks that use NetBEUI.
>
> Why would they want to drop it? Probably because the Internet uses
> TCP/IP and most XP computers are connected to the Internet.

So Microsoft decided to drop it to make it easy on themselves, not for
the millions of users that use NetBEUI. I see that once upon a time,
there were many protocols offered standard with Windows. Now there
are only 2-TCP/IP and NWLink(and NetBEUI if you have to have it).

I understand that you can do everything with TCP/IP. I also understand
that the only thing standing between my computer and the internet is
the quality of the firewall in my router and maybe the quality of the
firewall
on my pc. My experience is that more layers are better.
>
> I don't think that a second protocol is "ideal" under any
> circumstances. Windows networking works best with a single protocol,
> and using more than one can cause network browsing problems. Windows
> XP has a built-in Internet Connection Firewall, so there's no need to
> use a protocol other than TCP/IP for file and printer sharing.

I understand that in computer software, as in everything else, simpler is
better.

However, you do increase your security somewhat if you use a different
protocol for file and printer sharing than for communications with the
internet.
In addition, if the protocol is not routable, like NetBEUI is, you get a
little more
security. In fact, some sites recommend this as the only way to go, and that
using a single protocol for both internet connection and file/printer
sharing
is crazy. It seems to me that the network browsing problem could be
worked(so far, I haven't observed it).

I just would like a straight answer from Microsoft about why they
don't support NetBEUI. I could handle it. Even if they said something
like "We stopped supporting NetBEUI because a. It's something we
used during the MSDOS era and we are flushing anything that we
can that we used back then. b. If you use an unroutable protocol
on your network, it will make it difficult for our "trusted computer"
system to work. or c. We couldn't see how NetBEUI could make
us any bucks, since the number of NetBEUI users is dropping. If
we could get rid of NWLink, we'd dump it too." I guess I could live
with it.

Dick Kistler

In article >, "Dick Kistler"
> wrote:
>Steve Winograd [MVP] wrote:
>> In article >, "Dick Kistler"
>> > wrote:
>>> Geez, if I wanted to make my life simple(and didn't need internet
>>> access) NetBEUI would be the ticket.
>>>
>>> Perhaps you can explain why Microsoft doesn't support it any more.
>>> It would be an ideal second protocol for home users, if they
>>> wanted to access the internet and also use a second protocol for
>>> file and printer sharing.
>>
>> NetBEUI is available on the Windows XP CD-ROM. Please see this
>> Microsoft Knowledge Base article:
>>
>> How to install NetBEUI on Windows XP
>> http://support.microsoft.com/?id=301041
>
>Yes, I know this. I have installed NetBEUI on my XP machine to
>make it easier to communicate with Windows 95.
>
>>
>> It's an "unsupported" protocol, which means that Microsoft hasn't
>> tested it extensively and won't give technical help with NetBEUI
>> problems.
>
>I understand this, but I haven't seen a believable reason for the decision.
>There must be millions of systems that use NetBEUI.
>
>>
>> As I understand it, Microsoft wanted to drop NetBEUI completely, but
>> they were convinced to include it on the CD for compatibility with old
>> networks that use NetBEUI.
>>
>> Why would they want to drop it? Probably because the Internet uses
>> TCP/IP and most XP computers are connected to the Internet.
>
>So Microsoft decided to drop it to make it easy on themselves, not for
>the millions of users that use NetBEUI. I see that once upon a time,
>there were many protocols offered standard with Windows. Now there
>are only 2-TCP/IP and NWLink(and NetBEUI if you have to have it).
>
>I understand that you can do everything with TCP/IP. I also understand
>that the only thing standing between my computer and the internet is
>the quality of the firewall in my router and maybe the quality of the
>firewall
>on my pc. My experience is that more layers are better.
>>
>> I don't think that a second protocol is "ideal" under any
>> circumstances. Windows networking works best with a single protocol,
>> and using more than one can cause network browsing problems. Windows
>> XP has a built-in Internet Connection Firewall, so there's no need to
>> use a protocol other than TCP/IP for file and printer sharing.
>
>I understand that in computer software, as in everything else, simpler is
>better.
>
>However, you do increase your security somewhat if you use a different
>protocol for file and printer sharing than for communications with the
>internet.
>In addition, if the protocol is not routable, like NetBEUI is, you get a
>little more
>security. In fact, some sites recommend this as the only way to go, and that
>using a single protocol for both internet connection and file/printer
>sharing
>is crazy. It seems to me that the network browsing problem could be
>worked(so far, I haven't observed it).
>
>I just would like a straight answer from Microsoft about why they
>don't support NetBEUI. I could handle it. Even if they said something
>like "We stopped supporting NetBEUI because a. It's something we
>used during the MSDOS era and we are flushing anything that we
>can that we used back then. b. If you use an unroutable protocol
>on your network, it will make it difficult for our "trusted computer"
>system to work. or c. We couldn't see how NetBEUI could make
>us any bucks, since the number of NetBEUI users is dropping. If
>we could get rid of NWLink, we'd dump it too." I guess I could live
>with it.
>
>Dick Kistler

I can't speak for Microsoft, Dick. If you want an answer from them,
you'll have to ask them.

NetBEUI was the default protocol in Windows 95. TCP/IP has been the
default protocol in every version of Windows since Windows 98.
Nothing in Windows networking has ever required NetBEUI. Even in
Windows 95, you can install TCP/IP and remove NetBEUI.

I think that a home broadband router gives all the security that's
needed, because:

1. The LAN computers have private IP addresses that aren't accessible
from the Internet.

2. The router's WAN interface has an accessible public IP address, but
the router has no access to shared resources on the LAN computers.

I think that a properly configured software firewall gives all the
security that's needed.

If I wanted multiple levels of security, I'd use both a broadband
router and a software firewall, but I wouldn't add another protocol.

Can we agree to disagree? :-)
--
Best Wishes,
Steve Winograd, MS-MVP (Windows Networking)

Please post any reply as a follow-up message in the news group
for everyone to see. I'm sorry, but I don't answer questions
addressed directly to me in E-mail or news groups.

Microsoft Most Valuable Professional - Windows Networking
http://mvp.support.microsoft.com

Steve Winograd's Networking FAQ
http://www.bcmaven.com/networking/faq.htm

In article >, "Steve
Winograd [MVP]" > wrote:
>I think that a home broadband router gives all the security that's
>needed, because:
>
>1. The LAN computers have private IP addresses that aren't accessible
>from the Internet.
>
>2. The router's WAN interface has an accessible public IP address, but
>the router has no access to shared resources on the LAN computers.
>
>I think that a properly configured software firewall gives all the
>security that's needed.
>
>If I wanted multiple levels of security, I'd use both a broadband
>router and a software firewall, but I wouldn't add another protocol.

I just thought of one more point that I'd like to add.

No matter what protocol the LAN uses for file and printer sharing,
every computer that connects to the Internet needs a firewall to block
access to ports that cam be exploited by Blaster, Sasser, etc. That
firewall can be hardware (e.g. home broadband router) or software
(e.g. ZoneAlarm, Norton Internet Security, XP's Internet Connection
Firewall).
--
Best Wishes,
Steve Winograd, MS-MVP (Windows Networking)

Please post any reply as a follow-up message in the news group
for everyone to see. I'm sorry, but I don't answer questions
addressed directly to me in E-mail or news groups.

Microsoft Most Valuable Professional - Windows Networking
http://mvp.support.microsoft.com

Steve Winograd's Networking FAQ
http://www.bcmaven.com/networking/faq.htm

> >
> >Dick Kistler
>
> I can't speak for Microsoft, Dick. If you want an answer from them,
> you'll have to ask them.
>
> NetBEUI was the default protocol in Windows 95. TCP/IP has been the
> default protocol in every version of Windows since Windows 98.
> Nothing in Windows networking has ever required NetBEUI. Even in
> Windows 95, you can install TCP/IP and remove NetBEUI.

Yes, you can do this, but my experience(admittedly small) is that
it is difficult to do file and printer sharing with Win 95, Windows XP
and TCP/IP, and adding the second protocol makes it easy to do this. I don't
know why, and would like to know.

I think that NetBEUI has a longer history. That it was the
primary non-Netware protocol on MSDOS networks before
interest in the internet came along. My guess is that there are
lots of computers using it, under conditions that don't require
internet access, since it has a lower overhead than IPX/SPX
for small networks and doesn't require any configuration.

>
> I think that a home broadband router gives all the security that's
> needed, because:
>
> 1. The LAN computers have private IP addresses that aren't accessible
> from the Internet.
>
> 2. The router's WAN interface has an accessible public IP address, but
> the router has no access to shared resources on the LAN computers.
>
> I think that a properly configured software firewall gives all the
> security that's needed.
>
> If I wanted multiple levels of security, I'd use both a broadband
> router and a software firewall, but I wouldn't add another protocol.

I understand this, and use both the router's firewall and a software
firewall in my
network. My interest in a second protocol came from an incident in which an
internet site was able to learn the network ip address of one of my
computers.
This should be impossible as I understand how NAT routers work. I could
not find anything wrong with the configuration of the router. It's possible
that
there is something wrong with the router, of course, but since it otherwise
works ok, I think that is unlikely.

Luckily, the software firewall I run logged and stopped the attack.

So, I started looking at a second protocol for another protection layer,
and found that neither NetBEUI or NWLink work for my situation.
And that nobody could give me good, technical answers to why.

There are sites that religiously advocate using a second protocol, and
regard anyone who only uses one as nuts. Also there are people like
you that can't see any reason to use a second protocol. So far, I
haven't seen any good, technical discussions that would allow a
choice between the two options.

I, however have a situation in which one protocol doesn't seem to
be enough, and in which two protocols don't work.
And no-one seems to have any real reasons for why this is so.
The lack of a real reason that MS stopped support for NeBEUI
is just one of small pieces of the puzzle.

Perhaps this is the wrong forum for this discussion, but it
seems to me that having a second protocol that is not
routable, and that is easy to configure(and doesn't cause
browsing problems) would be a good strategic thing for
Microsoft to do to make networks more resistant to
outside attack. In addition to whatever firewalling you
do. That's all.

Dick Kistler

Oh, by the way, some of the sarcasm about MS's motives
came from the fact that they seem to be operating, like
most large corporations, in a mode that considers their
own problems to be more important than their customers.
Cases in point:

1. Dropping support for NetBEUI

2. Short end of life for Win 95, 98, 98SE also MSDOS

3. Dropping the ball on potential uses of Windows PE

4. Overly integrating Internet Explorer with the OS

5. Dropping support for distinctive ring from Window XP

Not meant to be comprehensive, just the things I personally
have run across in my work.

In article >, "Dick Kistler"
> wrote:
>> NetBEUI was the default protocol in Windows 95. TCP/IP has been the
>> default protocol in every version of Windows since Windows 98.
>> Nothing in Windows networking has ever required NetBEUI. Even in
>> Windows 95, you can install TCP/IP and remove NetBEUI.
>
>Yes, you can do this, but my experience(admittedly small) is that
>it is difficult to do file and printer sharing with Win 95, Windows XP
>and TCP/IP, and adding the second protocol makes it easy to do this. I don't
>know why, and would like to know.

In my experience, it's easy to network all versions of Windows (even
Windows for Workgroups 3.11) with TCP/IP. If TCP/IP doesn't work, the
most likely problem is that a misconfigured firewall is blocking
access.

>I think that NetBEUI has a longer history. That it was the
>primary non-Netware protocol on MSDOS networks before
>interest in the internet came along. My guess is that there are
>lots of computers using it, under conditions that don't require
>internet access, since it has a lower overhead than IPX/SPX
>for small networks and doesn't require any configuration.

Yes, the lack of configuration is an advantage of NetBEUI.

>> If I wanted multiple levels of security, I'd use both a broadband
>> router and a software firewall, but I wouldn't add another protocol.
>
>I understand this, and use both the router's firewall and a software
>firewall in my
>network. My interest in a second protocol came from an incident in which an
>internet site was able to learn the network ip address of one of my
>computers.
>This should be impossible as I understand how NAT routers work. I could
>not find anything wrong with the configuration of the router. It's possible
>that
>there is something wrong with the router, of course, but since it otherwise
>works ok, I think that is unlikely.
>
>Luckily, the software firewall I run logged and stopped the attack.

This is interesting. What was the attack? What address was being
attacked?

Even if a web site finds out the private IP address (e.g. 10.x.x.x,
192.168.x.x) that a router gives to your computer, the web site can't
attack that address. Internet routers don't have routes to private IP
addresses, so they drop all packets addressed to them. After all,
there are probably thousands of different computers with IP address
192.168.0.1 at any moment. A web site can only attack the router's
public IP address

I recently went to an Internet site that displayed my computer's
private IP address after running a "firewall" test. However, the
information from the web site is misleading. My firewall didn't
reveal the address -- it was Java running in my web browser that did.
When I turned off Java, the web site couldn't see the private IP
address. To try it, go to www.auditmypc.com and run Firewall Test 1.
It works by causing the browser to create and execute a reference to
this URL:

http://www.auditmypc.com/freescan/uinfo.asp?a=www.xxx.yyy.zzz

where "www.xxx.yyy.zzz" is your private IP address. For example, if
you click this link, it will tell you that your IP address is
192.168.0.1:

http://www.auditmypc.com/freescan/uinfo.asp?a=192.168.0.1

>So, I started looking at a second protocol for another protection layer,
>and found that neither NetBEUI or NWLink work for my situation.
>And that nobody could give me good, technical answers to why.
>
>There are sites that religiously advocate using a second protocol, and
>regard anyone who only uses one as nuts. Also there are people like
>you that can't see any reason to use a second protocol. So far, I
>haven't seen any good, technical discussions that would allow a
>choice between the two options.

I've seen some of those sites, and I think that they exaggerate the
difficulty of securing a TCP/IP-only network. One flagrant example is
http://grc.com which, in my opinion, is long on scare tactics and
short on technical accuracy.

>I, however have a situation in which one protocol doesn't seem to
>be enough, and in which two protocols don't work.
>And no-one seems to have any real reasons for why this is so.
>The lack of a real reason that MS stopped support for NeBEUI
>is just one of small pieces of the puzzle.
>
>Perhaps this is the wrong forum for this discussion, but it
>seems to me that having a second protocol that is not
>routable, and that is easy to configure(and doesn't cause
>browsing problems) would be a good strategic thing for
>Microsoft to do to make networks more resistant to
>outside attack. In addition to whatever firewalling you
>do. That's all.
>
>Dick Kistler
>
>Oh, by the way, some of the sarcasm about MS's motives
>came from the fact that they seem to be operating, like
>most large corporations, in a mode that considers their
>own problems to be more important than their customers.
>Cases in point:
>
>1. Dropping support for NetBEUI
>
>2. Short end of life for Win 95, 98, 98SE also MSDOS
>
>3. Dropping the ball on potential uses of Windows PE
>
>4. Overly integrating Internet Explorer with the OS
>
>5. Dropping support for distinctive ring from Window XP
>
>Not meant to be comprehensive, just the things I personally
>have run across in my work.

#5 really annoys me, too. You didn't mention what I consider to be
the worst flaw in Windows XP: the use of "simple file sharing", which
offers no access control, in Windows XP Home Edition networking.
--
Best Wishes,
Steve Winograd, MS-MVP (Windows Networking)

Please post any reply as a follow-up message in the news group
for everyone to see. I'm sorry, but I don't answer questions
addressed directly to me in E-mail or news groups.

Microsoft Most Valuable Professional - Windows Networking
http://mvp.support.microsoft.com

Steve Winograd's Networking FAQ
http://www.bcmaven.com/networking/faq.htm

On Thu, 29 Jul 2004 13:13:04 -0600, "Steve Winograd [MVP]"
> wrote:

>If I wanted multiple levels of security,

Forget the ifs, you don't do it yourself because it's not necessary so
why advise others to waste their resources with an unused personal
firewall?


> I'd use both a broadband
>router and a software firewall, but I wouldn't add another protocol.
>

NetBEUI might be okay with legacy windows machines but the future is
connecting *everyone* together. Macs have their own version of samba
along with linux, *bsd and others and they all connect together via
tcp/ip. Not much use for netbeui in the overall scheme.


Jim.

James Egan wrote:
> On Thu, 29 Jul 2004 13:13:04 -0600, "Steve Winograd [MVP]"
> > wrote:
>
>> If I wanted multiple levels of security,
>
> Forget the ifs, you don't do it yourself because it's not necessary so
> why advise others to waste their resources with an unused personal
> firewall?
>
>
>> I'd use both a broadband
>> router and a software firewall, but I wouldn't add another protocol.
>>
>
> NetBEUI might be okay with legacy windows machines but the future is
> connecting *everyone* together. Macs have their own version of samba
> along with linux, *bsd and others and they all connect together via
> tcp/ip. Not much use for netbeui in the overall scheme.
>
>
> Jim.

Nah, there is a place for a non-routable protocol in instances where
internet access
is not wanted or needed. For instance, in a network that is dedicated to
a particular job, and where internet connectivity is not wanted. TCP/IP
would
work, but a simpler protocol would be easier to maintain. The main thing
going
for TCP/IP is the fact that you can use it for internet access and
everything else.
If you don't need to connect to the internet, you don't need TCP/IP. NetBEUI
would be a good option for small networks. The enire world is *not*
connecting
everyone together. Just as the entire world is *not* Windows. There are many
legacy systems that are still running because they work(and businesses can't
upgrade
because of the cost). The entire world is *not* stuck on the continuous
upgrade
policy that computer companies are stuck on.

You see, this is just the kind of thing I was talking about in the other
post. It almost
seems as though religion is involved. No technical argument at all.

Dick

>
> In my experience, it's easy to network all versions of Windows (even
> Windows for Workgroups 3.11) with TCP/IP. If TCP/IP doesn't work, the
> most likely problem is that a misconfigured firewall is blocking
> access.

The Windows 95 system doesn't have a software firewall and the XP system
had the firewall disabled.

On an internet search, others have had this problem. Also other workers I
know.

>
>>> If I wanted multiple levels of security, I'd use both a broadband
>>> router and a software firewall, but I wouldn't add another protocol.
>>
>> I understand this, and use both the router's firewall and a software
>> firewall in my
>> network. My interest in a second protocol came from an incident in
>> which an internet site was able to learn the network ip address of
>> one of my computers.
>> This should be impossible as I understand how NAT routers work. I
>> could not find anything wrong with the configuration of the router.
>> It's possible that
>> there is something wrong with the router, of course, but since it
>> otherwise works ok, I think that is unlikely.
>>
>> Luckily, the software firewall I run logged and stopped the attack.
>
> This is interesting. What was the attack? What address was being
> attacked?

I'm not totally sure that it was an attack, but at least 3 times, I have
blocked
packets from an IP assigned to a black hole server(10-12 packets at a time)
aimed at port 139
on that particular computer.

>
> Even if a web site finds out the private IP address (e.g. 10.x.x.x,
> 192.168.x.x) that a router gives to your computer, the web site can't
> attack that address. Internet routers don't have routes to private IP
> addresses, so they drop all packets addressed to them. After all,
> there are probably thousands of different computers with IP address
> 192.168.0.1 at any moment. A web site can only attack the router's
> public IP address

I understand that if NAT is working, that there is no way for the
local IP address to get outside the router. Or, even if the outside site
has the local IP address for it to get back inside the router.

IP address 192.168.2.x port 139. Clearly I ran E-Trust, F-Prot.
Adaware, Spybot as soon as this happened. They didn't find anything.

>
> I recently went to an Internet site that displayed my computer's
> private IP address after running a "firewall" test. However, the
> information from the web site is misleading. My firewall didn't
> reveal the address -- it was Java running in my web browser that did.
> When I turned off Java, the web site couldn't see the private IP
> address. To try it, go to www.auditmypc.com and run Firewall Test 1.
> It works by causing the browser to create and execute a reference to
> this URL:
>
> http://www.auditmypc.com/freescan/uinfo.asp?a=www.xxx.yyy.zzz
>
> where "www.xxx.yyy.zzz" is your private IP address. For example, if
> you click this link, it will tell you that your IP address is
> 192.168.0.1:
>
> http://www.auditmypc.com/freescan/uinfo.asp?a=192.168.0.1

I'll try it. Maybe that's how it happened. Clearly a program running
on my computer could send that info out. But it doesn't explain how
it got back in.


>> Cases in point:
>>
>> 1. Dropping support for NetBEUI
>>
>> 2. Short end of life for Win 95, 98, 98SE also MSDOS
>>
>> 3. Dropping the ball on potential uses of Windows PE
>>
>> 4. Overly integrating Internet Explorer with the OS
>>
>> 5. Dropping support for distinctive ring from Window XP
>>
>> Not meant to be comprehensive, just the things I personally
>> have run across in my work.
>
> #5 really annoys me, too. You didn't mention what I consider to be
> the worst flaw in Windows XP: the use of "simple file sharing", which
> offers no access control, in Windows XP Home Edition networking.

Yes, I've had problems with this. XP Home needs better network access
control and better control of file permissions. Again, however, if XP Home
had
these features, it would be suitable for some small business applications,
and I don't think Microsoft wants that.

Dick

"Dick Kistler" > wrote in message
...
> Nah, there is a place for a non-routable protocol in instances where
> internet access
> is not wanted or needed. For instance, in a network that is dedicated to
> a particular job, and where internet connectivity is not wanted.

I agree. There are situations such as what you describe where NetBEUI is
"handy". But to be honest, it doesn't matter much to me what they do with
it. I can take it or leave it. Believe it or not I liked DOS, I thought it
was just fine for what it was designed to do, and even today it works just
fine on older equipment that only requires a simple OS like that. MS dropped
support for DOS a long time ago yet there is no shortage of it if someone
wants a copy of it for something.

Remember that NetBEUI and the whole "NetBios thing" is an MS creation and
was never an industry standard, so they "own" the whole thing and can
pretty much do what they want with it. The only protocol that could be
considered an industry standard would be TCP/IP,...all the others are tied
to a particular OS and Manufacturer. I don't think TCP/IP is very
complicated as long as you keep the implementation simple,... The RFC
Private addresses create a similar effect as NetBEUI since they are not
compatible with the Internet without some sort of NAT to bridge the
gap,...and just as they needed NAT,..NetBEUI needed something to behave as a
Protocol Gateway. So in the end the same "effect" and "concepts" can be
created without NetBEUI.

(BTW - with the way my luck has gone in NGs the last few days, I just want
to make it clear,....this is just a conversation guys,...I'm not arguing
with anybody! <g>)

--

Phillip Windell [MCP, MVP, CCNA]
www.wandtv.com

"Steve Winograd [MVP]" > wrote in message
...
> I recently went to an Internet site that displayed my computer's
> private IP address after running a "firewall" test. However, the
> information from the web site is misleading. My firewall didn't
> reveal the address -- it was Java running in my web browser that did.

They must have saw you say that and changed it. It tried it with just the
normal "medium" level security in the browser and it still showed the
Proxy's IP# instead of the private one. Just the same, that has me curious
to see what clientside script in the browser will do that. It might be fun
to play with. You could build a "polling system" to research what percentage
of users comming to a site run from private addresses and can also find out
what the most common private address blocks are being used.

--

Phillip Windell [MCP, MVP, CCNA]
www.wandtv.com

In article >, "Phillip Windell"
<@.> wrote:
>> I recently went to an Internet site that displayed my computer's
>> private IP address after running a "firewall" test. However, the
>> information from the web site is misleading. My firewall didn't
>> reveal the address -- it was Java running in my web browser that did.
>
>They must have saw you say that and changed it. It tried it with just the
>normal "medium" level security in the browser and it still showed the
>Proxy's IP# instead of the private one. Just the same, that has me curious
>to see what clientside script in the browser will do that. It might be fun
>to play with. You could build a "polling system" to research what percentage
>of users comming to a site run from private addresses and can also find out
>what the most common private address blocks are being used.

I still get the same results, Phillip. I'm using Mozilla Firebird,
not Internet Explorer. When I enable Java in Firebird, the "Firewall"
test shows my private IP address. When I disable Java in Firebird, it
doesn't show my private IP address.
--
Best Wishes,
Steve Winograd, MS-MVP (Windows Networking)

Please post any reply as a follow-up message in the news group
for everyone to see. I'm sorry, but I don't answer questions
addressed directly to me in E-mail or news groups.

Microsoft Most Valuable Professional - Windows Networking
http://mvp.support.microsoft.com

Steve Winograd's Networking FAQ
http://www.bcmaven.com/networking/faq.htm

"Steve Winograd [MVP]" > wrote in message
...
> In article >, "Phillip Windell"
> I still get the same results, Phillip. I'm using Mozilla Firebird,
> not Internet Explorer. When I enable Java in Firebird, the "Firewall"
> test shows my private IP address. When I disable Java in Firebird, it
> doesn't show my private IP address.

Ah! Ok,..well I'm probably not gonna get that worried about it.

--

Phillip Windell [MCP, MVP, CCNA]
www.wandtv.com

"Phillip Windell" <@.> wrote in message
...
> "Dick Kistler" > wrote in message
> ...
> > Nah, there is a place for a non-routable protocol in instances where
> > internet access
> > is not wanted or needed. For instance, in a network that is dedicated to
> > a particular job, and where internet connectivity is not wanted.
>
> I agree. There are situations such as what you describe where NetBEUI is
> "handy". But to be honest, it doesn't matter much to me what they do with
> it. I can take it or leave it. Believe it or not I liked DOS, I thought it
> was just fine for what it was designed to do, and even today it works just
> fine on older equipment that only requires a simple OS like that. MS
dropped
> support for DOS a long time ago yet there is no shortage of it if someone
> wants a copy of it for something.

Yes, there are still lots of DOS(or maybe Windows for Workgroups 3.11)
machines
doing lots of good work out there. The rest of the world does not throw out
things so quickly when they work, as the electronics/computer industry does.
I once worked in the Chemical Industry where, when you install a control
system
you are talking about a 20-30 year lifetime. And have worked in plants with
50
year old control systems.

One thing that I have noticed about DOS and Windows 3.11 is that they run
real fast
on 200 MHz machines, too. And it can do lots of stuff-remember we were
running
the world using it 10 years ago. We would have been pleased as punch with
MSDOS
at 200 MHz.

And IBM is still selling it.

But you have to remember that MSDOS in say, 1994 had been about the same
OS for quite a long time-maybe 13 years. Windows XP is still very young.

And clearly Microsoft can do whatever they want to with NetBEUI, even if it
were
some kind of standard. Once upon a time Windows had many protocols
available,
but only two are left: TCP/IP and NWLink. Maybe I can get NWLink to work.
But not so far.

Dick

In article >, Dick Kistler says...

> Noel Paton wrote:
> > Why not just make life simple - and get rid of NetBEUI?

> Geez, if I wanted to make my life simple(and didn't need internet access)
> NetBEUI would be the ticket.

> Perhaps you can explain why Microsoft doesn't support it any more. It would
> be an ideal second protocol for home users, if they
> wanted to access the internet and also use a second protocol for file and
> printer sharing.

I use TCP/IP for Internet access, Internet sharing, and file and printer
sharing. It helps to keep the LAN behind a NAT/PAT device.

--
Norman
~Win dain a lotica, En vai tu ri, Si lo ta
~Fin dein a loluca, En dragu a sei lain
~Vi fa-ru les shutai am, En riga-lint

In article >, Lil' Dave says...

> Draw your own conclusions why this is a problem and if any pattern emerges.
> Because netbeui is easy for the home user to configure.

I haven't had any trouble with TCP/IP.

> Because one can deny sharing to TCP/IP if netbeui is used for the home
> network.

I can deny sharing to the WAN TCP/IP while continuing to share the LAN
TCP/IP.

> Because the XP firewall wasn't designed to protect from netbios attacks.

It does as well at NetBIOS protection as any other software firewall.

> Because it prevents snooping on your home network by "trusted" applications
> and programs accessing the internet via exclusively TCP/IP.

You can't access the Internet without TCP/IP. And you can get sniffers to
sniff any protocol ever made.

> Because the zombies educated by MS were programmed to respond with violent
> and irrational responses when the phrase "netbeui" was uttered or written as
> you may have seen so far.

I have seen no violence, or irrationality to this point.

> Shall I go on?

If you wish...

--
Norman
~Win dain a lotica, En vai tu ri, Si lo ta
~Fin dein a loluca, En dragu a sei lain
~Vi fa-ru les shutai am, En riga-lint

In article >, Dick Kistler says...

> However, you do increase your security somewhat if you use a different
> protocol for file and printer sharing than for communications with the
> internet.

I suppose that makes sense if you are using the same adapter to access the
Internet as you are using to share your files and your printer. If I wasn't
behind a router, I would just bind the file and printer sharing to the LAN
adapters; keep it off of the Internet adapter. Or am I missing something?

> In addition, if the protocol is not routable, like NetBEUI is, you get a
> little more
> security. In fact, some sites recommend this as the only way to go, and that
> using a single protocol for both internet connection and file/printer
> sharing
> is crazy. It seems to me that the network browsing problem could be
> worked(so far, I haven't observed it).

I have not seen any successful attempts to access my file shares and printer
shares. I get hit with NetBIOS probes, but my shares might as well be on the
USB-USB bridge, or the IPX/SPX-compatible protocol as far as they are
concerned.

> I just would like a straight answer from Microsoft about why they
> don't support NetBEUI. I could handle it. Even if they said something
> like "We stopped supporting NetBEUI because a. It's something we
> used during the MSDOS era and we are flushing anything that we
> can that we used back then. b. If you use an unroutable protocol
> on your network, it will make it difficult for our "trusted computer"
> system to work. or c. We couldn't see how NetBEUI could make
> us any bucks, since the number of NetBEUI users is dropping. If
> we could get rid of NWLink, we'd dump it too." I guess I could live
> with it.

I would guess it is because the whole *nix world seems to be sold on the
TCP/IP protocol. *nix, and TCP/IP seem to be driving the Internet; MSFT is a
Johnny-come-lately to that world, and has probably encountered something
bigger than they are. So they have stopped trying to buck the trend, and
decided, instead, to try and co-opt it.

--
Norman
~Win dain a lotica, En vai tu ri, Si lo ta
~Fin dein a loluca, En dragu a sei lain
~Vi fa-ru les shutai am, En riga-lint