NETBIOS packets leaking through XP Pro with 2 NICs

Discussion in 'Networking (Hardware & Software)' started by bmxrh, 2008/05/21.

  1. 2008/05/21
    bmxrh (Thread Starter)

    We have a set-up with 2 computers and a router:
    - computer 1, W2k, 1 NIC, IP 192.168.100.2
    - computer 2, XP Pro SP2, with NIC 1 192.168.100.3 and NIC 2 192.168.10.2
    - router, LAN-side IP 192.168.10.1
    All netmasks set to 255.255.255.0

    Computer 1 is connected to NIC 1 of computer 2.
    The router is connected to NIC 2 of computer 2.

    Computer 1 is sharing a folder; it should only be accessible from 192.168.100.*.
    Computer 2 is sharing a folder, it should only be accessible from 192.168.10.*, by means of port forwarding on the router.

    After having seen problems with an application on computer 1, we connected a network sniffer and saw that NETBIOS packages from computer 1 reach the router and the router sends a reply, which in turn also reaches computer 1. This seems to confuse the application I mentioned before.

    We were expecting that in this setup the 2 networks would be separated and that no NETBIOS packages would go from computer 1 to the router. Apparently we are wrong. We are hoping to find a solution that only requires a modified set-up of the Windows XP Pro (computer 2) machine.

    Any clues?

    Thanks,
    Rob
     
  2. 2008/05/21
    ReggieB (Alumni)

    1. Go into the properties of the connection for NIC 2 on computer 2 (the one on the 192.168.10.0 subnet).
    2. Highlight TCP/IP and select Properties.
    3. Click on the Advanced button.
    4. Go to the WINS tab and select "Disable NetBIOS over TCP/IP".
    5. Click OK to accept changes and close the window.

    That looks like a security hole to me. I hope you've taken measures to secure that connection. A VPN would be a better remote option than port forwarding. The connection would be authenticated and encrypted with a VPN connection but would not be with port forwarding.
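
Added example, not part of ReggieB's post: the same setting applied and verified from Windows PowerShell through WMI instead of the GUI. It assumes PowerShell is installed on computer 2 and run as an administrator, and that the prefix `192.168.10.` identifies NIC 2 as in the thread; the variable names are illustrative.

```powershell
# Added example: scripted equivalent of the GUI steps, via WMI.
# Assumption: NIC 2 on computer 2 has an address starting with 192.168.10.
$prefix = '192.168.10.'

# Meaning of Win32_NetworkAdapterConfiguration.TcpipNetbiosOptions
$state = @{ 0 = 'default (taken from DHCP)'; 1 = 'enabled'; 2 = 'disabled' }

$nics = @(Get-WmiObject Win32_NetworkAdapterConfiguration -Filter 'IPEnabled = TRUE' |
    Where-Object { $_.IPAddress | Where-Object { $_ -like "$prefix*" } })

if ($nics.Count -eq 0) {
    Write-Warning "No IP-enabled adapter has an address in $prefix*"
    return
}

foreach ($nic in $nics) {
    "{0}: NetBIOS over TCP/IP is {1}" -f $nic.Description, $state[[int]$nic.TcpipNetbiosOptions]

    if ($nic.TcpipNetbiosOptions -ne 2) {
        # 2 = "Disable NetBIOS over TCP/IP" on the WINS tab
        $rc = ($nic.SetTcpipNetbios(2)).ReturnValue
        switch ($rc) {
            0       { '  disabled, no reboot needed' }
            1       { '  disabled, reboot required' }
            default { Write-Warning "  SetTcpipNetbios failed, WMI return code $rc" }
        }
    }

    # Re-read the setting instead of trusting the return code
    $now = Get-WmiObject Win32_NetworkAdapterConfiguration -Filter "Index = $($nic.Index)"
    "  current setting: {0}" -f $state[[int]$now.TcpipNetbiosOptions]

    # NetBIOS ports (UDP 137/138, TCP 139) still bound to this adapter's addresses
    foreach ($ip in $nic.IPAddress) {
        netstat -an | Select-String -SimpleMatch "${ip}:137", "${ip}:138", "${ip}:139"
    }
}
```

No `netstat` lines in the output means the NetBIOS ports are no longer bound on that adapter. The setting does not affect direct-hosted SMB on TCP 445, which is controlled separately.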
     

  4. 2008/05/21
    bmxrh (Thread Starter)

    You are of course right that this is a security hole. However, the router's firewall is configured to only allow access by a specific computer in the more-or-less trusted WAN environment.

     
