9.1 Microsoft Windows Networking Services


Microsoft Windows networking services use the following ports:

loc-srv         135/tcp loc-srv         135/udp netbios-ns      137/udp netbios-dgm     138/udp netbios-ssn     139/tcp microsoft-ds    445/tcp

Port 135 is used for RPC client-server communication; ports 139 and 445 are used for authentication and file sharing. UDP ports 137 and 138 are used for local NetBIOS browser, naming, and lookup functions.

9.1.1 SMB, CIFS, and NetBIOS

The Server Message Block (SMB) protocol can facilitate resource sharing in Microsoft Windows environments. Under Windows NT, SMB is run through NetBIOS over TCP/IP, which uses UDP ports 135, 137, and 138 along with TCP ports 135 and 139. With Windows 2000, Microsoft added CIFS support, which provides full SMB access directly through TCP and UDP port 445 (as opposed to using a variety of UDP and TCP ports). Many system administrators diligently filter access to ports between 135 and 139, but have been known to neglect port 445 when protecting Windows 2000 hosts.



Network Security Assessment
Network Security Assessment: Know Your Network
ISBN: 059600611X
EAN: 2147483647
Year: 2006
Pages: 166
Authors: Chris McNab

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net