Why Does IIS Answer HTTP Requests w/ NetBIOS Reply?

PGillingwater writes: "Whilst configuring access control lists on our Cisco router today, I noticed a very large amount of traffic coming in on UDP port 137, to many different addresses within our Class B range. They seemed to be coming also from a range of addresses outside, with no obvious pattern. Further investigation showed that most of those incoming packets originated from Web servers running IIS version 4. This suggests that our users are sending an HTTP GET request on port 80, and the IIS server immediately responds with a UDP NetBIOS reply packet to port 137/UDP, probably as some sort of attempt to find the NetBIOS name, or maybe some form of RPC authentication service. Inquiring minds want to know! Does it strike anyone as unusual that HTTP has been "extended" in this way by Microsoft? Naturally, we're blocking it, but I'm curious as to what the IIS server does with this information, and just how much does it expose security-related information of sites that don't block those ports." Can anyone else validate this behavior, and/or offer up guesses as to the reasons behind it?