LLMNO ve NetBIOS protocols are outdated in most organizations Windows OS are used for, these two old protocols MITM It is sensitive to attacks. (LLMNR and NetBIOS are used for name resolution for IPv4 and IPv6.)
In this writing GPO using LLMNO ve NetBIOS We will disable the protocols.
nbstat in the network environment with the parameter NetBIOS You can see detailed information for devices that speak with the protocol.
Table of Contents
Disable LLMNR Protocol Using GPO
GPO LLMNO Turning off the protocol is not a very difficult process, you may need to test this process first to ensure the health of your environment. NetBIOS close protocol To LLMNR It is a more difficult process than .
Playing Group Policy A new one via Management GPO We are creating it, since I will be using this process for my entire environment, I am creating it on a domain basis.

The path we need to follow on the GPO we created is as follows;
Computer Configuration – Policies – Administrative Template – Network – Turn off Multicast name resolution

Turn off Multicast name resolution we need to enable the option.

With this process LLMNO protocol GPO We closed it using .
We can also disable the LLMNR protocol using Regedit. To do this, simply run the following key on PowerShell;
New-Item "HKLM:SOFTWAREPoliciesMicrosoftWindows NT" -Name DNSClient -Force
New-ItemProperty "HKLM:SOFTWAREPoliciesMicrosoftWindows NTDNSClient" -Name EnableMultiCast -Value 0 -PropertyType DWORD -Force
Steps to Disable NetBIOS Protocol
Before disabling the NetBIOS protocol, you need to analyze your environment very well, the relevant protocol is still used on old version OS such as XP, Vista etc.
There is no special GPO for this protocol. You can do it via the OS or by running powershell or regedit with GPO. The relevant protocol uses TCP/IPV4.
Just follow the steps TCP/IPv4 – Advanced – WINS – Disabled NetBIOS over TCP.

ipconfig /all | find “NetBIOS” You can check the NetBIOS status on the device with the command.
We can also turn off the NetBIOS protocol via Windows DHCP Server;
Here are the steps we need to follow;
We follow the Scope Options – Advanced – Microsoft Disable NetBIOS Option step and provide 0X2 configuration in the Long section.

Using GPO, we can disable the NetBIOS protocol on devices in our environment with a Regedit record. We can save the record below with PowerShell and run it on all our devices with GPO.
$reg = "HKLM:SYSTEMCurrentControlSetservicesNetBTParametersInterfaces"
Get-ChildItem $reg |foreach { Set-ItemProperty -Path "$reg$($_.pschildname)" -Name NetbiosOptions -Value 2 -Verbose}
It will be enough to show the path of the powershell script we saved by following the steps Computer Configuration – Policies – Windows Settings – Scripts – Startup.

After the policy is applied to the devices, the script will run with the LOGIN operation and close the NetBIOS operation.