Question : NBNS Broadcasts

I ran a sniffer on my network of 40 users and I have a machine broadcasting NBNS requests every 4 seconds. I checked the NIC settings they are mirror images of all the other machines on the network. I thought it maybe a bad cookie or even a virus so I did the obvious. The machine is running Windows XP Pro. It really seems to be slowing my network.

Answer : NBNS Broadcasts

How to tell what the machine is using from http://support.microsoft.com/default.aspx?scid=http://support.microsoft.com:80/support/kb/articles/Q160/1/77.asp&NoWebContent=1

Windows 2000 and Windows NT
NodeType
Key:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Netbt\Parameters

Value Type: REG_DWORD - Number
Valid Range: 1,2,4,8 (b-node, p-node, m-node, h-node)
Default: 1 or 8 based on the WINS server configuration

Description: This parameter determines what methods NetBT will use to register and resolve names. A b-node system uses broadcasts. A p-node system uses only point-to-point name queries to a name server (WINS). An m- node system broadcasts first, then queries the name server. An h-node system queries the name server first, then broadcasts. Resolution through LMHOSTS and/or Domain Name Service (DNS), if enabled, will follow these methods. If this key is present, it will override the DhcpNodeType key. If neither key is present, the system defaults to b-node if there are no WINS servers configured for the client. The system defaults to h-node if there is at least one WINS server configured.
Windows 95
NodeType
Key:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\VxD\MSTCP

Value type: DWORD
Valid range: 1, 2, 4, or 8
Default: 1 (b-node) if no value is specified or no WINS servers are configured on the network; 8 (h-node) if WINS servers are specified and NodeType is not otherwise defined in the Registry.

Description: This parameter specifies the mode of NetBIOS name resolution used by NetBIOS over TCP/IP. 1 = b-node (broadcasts), 2 = p-node (point-to- point name queries to a WINS server), 4 = m-node (broadcast then query name server), and 8 = h-node (query name server, then broadcast). If DNS is enabled (which also enabled LMHOSTS in Windows 95), name resolution will also follow the mode defined by this parameter. This value can also be configured using DHCP

Random Solutions

can the netstat results help tell what using up my bandwidth

Can someone give me a bandwidth comparison

3G CDMA VS GPRS 500 PTS

XP networking problem

Forward port 3389 on a Ellink router

How to pass proxy server using thirty party proxy?

Suspect Network (DNS/AD?) Comms Issues

Novell Netware using Veritas' Backup Exec and Supeloader 3

Telling your Solaris Sendmail Server to hide it's actual hostname

Wireless connection issue