Network misconfigurations

Azure virtual machine with Windows distribution allows direct NetBIOS access from the Internet

Risk Level

Informational (4)

Compliance Frameworks


NetBIOS provides services related to the session layer of the OSI model allowing applications on separate computers to communicate over a local area network. Those ports (137/138/139) are open on your Windows virtual machine and allow all incoming traffic from the Internet. In order to keep security best practices, you should restrict access to be only from allowed IP addresses.
  • Recommended Mitigation

    Configure networking rule to allow incoming NetBIOS traffic from allowed IP addresses only.