You don’t need your machines talking to each other via NetBIOS over TCP/IP.

Turn this off to cut down on network chatter and reduce your attack surface.  The following PowerShell is useful as step during OS deployment (one-off config), or as a Group Policy startup script (every boot).

# disable NetBIOS over TCP/IP on new adapter (legacy protocol not required)
$NETBIOS_DISABLED=2
Get-WmiObject Win32_NetworkAdapterConfiguration -filter "ipenabled = 'true'" | ForEach-Object { $_.SetTcpipNetbios($NETBIOS_DISABLED)}

For DHCP clients you can disable NetBIOS over TCP/IP using a DHCP option

Update!

This post is from 2015, I revisited this eight years later in this post about disabling NetBIOS and LLMNR

Find more IT Infrastructure tips at blog.alexmags.com