LLMNR Local Link Multicast Name Resolution Disable GPO

Disable LLMNR

There are a variety of techniques and protocols for resolving hostnames into IP addresses and vice versa.

DNS is that Technique for resolving IP addresses, followed by others:

LLMNR the current issue is a second DNS level and has its own resolver cache, it also resolves only local (subnet) IP addresses that can not be resolved via DNS.

NetBIOSNames are resolved to IP addresses by using the WINS service. WINS uses NetBIOS over TCP / IP and is an indispensable tool for name resolution and important for applications that work with browser lists.

Which ports are used for what?

DNS Port 53
WINS Port 137, 138, 139 and 445
NetBIOS UDP 137, 138, 139
LLMNR Multicast 5353; Unicast 5355

Disable LLMNR

Disable WINS - Vulnerability