NT Versions Affected:

3.5, 3.51, 4.0

Problem:

'Nbtstat -a nodename' or 'Nbtstat -A ipaddress' will display much information about a remote node. This command will display:

• Active User
• Services running
• NT Domain name
• Nodename
• Ethernet Hardware address

This give a hacker doing password guessing two of the three pieces of information required to mount shares on a remote system, 'Domain name' and 'Username'.

The local and remote systems must be able to communicate via ports 137, 138, 139.

Verification: