NetBIOS Basics

Before learning the enumeration process for Microsoft systems, you need to know the basics of how the Network Basic Input Output System (NetBIOS) works. NetBIOS is a Windows programming interface that gives computers the ability to communicate across local area networks (LANs). Most Windows OSs use NetBIOS to share printers and files. It listens on UDP ports 137 (the NetBIOS Name Service) and 138 (the NetBIOS Datagram service) and on TCP port 139 (the NetBIOS Session service). Printer and file sharing in Windows needs the Server Message Block (SMB) protocol, an upper-level service that runs atop NetBIOS. In Windows 2000 and later versions, SMB listens on TCP port 445 and does not have to use NetBIOS over TCP/IP unless support for older Windows versions is also needed.

Computer names assigned to Windows systems are NetBIOS names and are limited to 16 characters, the last of which is a hexadecimal number (00-FF) that identifies a service running on the computer. So you can use only 15 characters for the computer name; NetBIOS adds the final character itself to identify the services registered with the OS. For instance, if the computer is named SALESREP and runs the Server service, the OS stores this information in a NetBIOS table.

NetBIOS names have to be unique on a network. It is not necessary to memorize all of the suffixes that correspond to each service or resource type running on the computer being enumerated, whether it is a domain controller or a stand-alone system. Hackers often put more effort into attacking systems identified as domain controllers, because these store more information, including user login names and network resources. It is wise to go over the suffixes used in NetBIOS to get an overview of how they work.
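
The 15-character name plus one-byte suffix layout described above, as an added example that is not part of the original page. It builds the 16-byte name for SALESREP, applies the first-level encoding from RFC 1001 used on the wire, and decodes it back; the suffix table is a small subset of Microsoft's documented values and the function names are assumptions of this example.

```python
# Added example: 16-byte NetBIOS name layout (15-char name + 1 suffix byte).
# Suffix meanings are a subset of Microsoft's documented values, not from the page.
SUFFIXES = {  # key: (suffix byte, registered as a group name?)
    (0x00, False): "Workstation service",
    (0x00, True): "Domain or workgroup name",
    (0x03, False): "Messenger service",
    (0x20, False): "Server service (file and printer sharing)",
    (0x1B, False): "Domain master browser",
    (0x1C, True): "Domain controllers",
    (0x1D, False): "Master browser",
}
DC_SUFFIXES = {(0x1B, False), (0x1C, True)}  # roles tied to domain controllers


def make_name(computer: str, suffix: int) -> bytes:
    """Pad the computer name to 15 bytes with spaces, then append the suffix."""
    if not 1 <= len(computer) <= 15 or not 0 <= suffix <= 0xFF:
        raise ValueError("name must be 1-15 characters, suffix 00-FF")
    return computer.upper().ljust(15).encode("ascii") + bytes([suffix])


def encode_first_level(raw16: bytes) -> str:
    """RFC 1001 first-level encoding: each nibble becomes a letter 'A'..'P'."""
    return "".join(chr(0x41 + (b >> 4)) + chr(0x41 + (b & 0x0F)) for b in raw16)


def decode_first_level(encoded: str) -> tuple:
    """Reverse the encoding and split the result into (name, suffix byte)."""
    if len(encoded) != 32 or any(not "A" <= c <= "P" for c in encoded):
        raise ValueError("expected 32 characters in the range A-P")
    nib = [ord(c) - 0x41 for c in encoded]
    raw = bytes((nib[i] << 4) | nib[i + 1] for i in range(0, 32, 2))
    return raw[:15].decode("latin-1").rstrip(" "), raw[15]


def describe(encoded: str, is_group: bool = False) -> dict:
    """Decode one name-table entry and label the service it advertises."""
    name, suffix = decode_first_level(encoded)
    key = (suffix, is_group)
    return {"name": name, "suffix": f"{suffix:02X}",
            "service": SUFFIXES.get(key, "not in this subset"),
            "domain_controller_role": key in DC_SUFFIXES}


if __name__ == "__main__":
    # Constructed sample: SALESREP running the Server service (suffix 20).
    wire = encode_first_level(make_name("SALESREP", 0x20))
    print(wire, describe(wire))
```

The same suffix byte can mean different things for unique and group registrations, which is why the lookup is keyed on both.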