RE: Windows networking ports

From: Mark L. Jackson (mark_l_jackson@iname.com)
Date: 01/09/02


From: "Mark L. Jackson" <mark_l_jackson@iname.com>
To: "Justin Silles" <JUSTIN@m-m-s.com>, <security-basics@securityfocus.com>
Date: Wed, 9 Jan 2002 01:14:05 -0800

win2k ports:
TCP/53 DNS zone xfer
TCP/135 RPC/DCE Endpoint mapper
UDP/137 NetBIOS name service
TCP/139 NetBIOS session service (SMB)
TCP/445 SMB over TCP (direct to host)
UDP/161 SNMP
TCP/UDP 389 LDAP
TCP/1433 MSSQL
UDP/1434 MSSQL instance mapper
TCP/3268 AD Gloabel catalog
TCP/3269 Global catalog over SSL
TCP/3389 Windows Terminal Server

I am guessing you are using Win2k, as you did not say what your O/S
is.

Why not use a VPN connection. Opening these up to the
world will ensure an attack.

> Just trying to set up a way to map a drive through our
> firewall (Internal to
> DMZ) for special computers and special username/password combo via NT
> authentication....
>
> While doing so I swore that I just needed to open up ports
> 137, 138 and 139
> between the two PCs in order to map shares. Is there one
> more port that I
> am missing (seems to me there is)...or multiple ports...??
> Do I need to
> specify that after the initial connection there needs to be a
> subsequent
> connection to a random port between 1024-65563? Again, I
> just thought I
> needed 137-139.
>
> When tested on our non-live network we tried opening up a
> huge hole across
> the internal to DMZ loop, just incase another rule
> (computer-name or user)
> was not set proper. Still did not work.
>



Relevant Pages

  • Re: change smb port on win2kpro
    ... I believe SSH can also be set up ... I have no idea whether this would work with SMB, ... redirected to other ports either by using something like netcat or maybe ... reconfigure the firewall. ...
    (microsoft.public.security)
  • Re: Webserver sicher machen mit IPSec
    ... > Ich erlaube den Zugriff auf die Ports 137-139 TCP und UDP (ich glaube das ... für einfaches SMB mit Aufruf über IP funktioniert auch nur TCP/445 ... WebDAV Befehle laufen unter http, WebDAV ist deutlich performanter als smb ... > Was die IPSec Richtlinie zum surfen angeht: ...
    (microsoft.public.de.inetserver.iis)
  • Re: change smb port on win2kpro
    ... to start off, i do not have access to the firewall, and i ... im trying to "mount" files between a linux machine ... smb broadcasted on a different port, ... depending on what ports are open. ...
    (microsoft.public.security)
  • Re: OT - Weird wireless router problem
    ... FTP uses different ports from Network traffic. ... Windows Firewall interfering with SMB connections. ... plugged the router into the ethernet port of my wireless PC, ... wireless connection even though it thinks it's on a wired one (due to the ...
    (uk.media.tv.misc)
  • Re: Netbios deaktivieren
    ... Zumal damit ja SMB noch gar nicht deaktiviert wird, ... Sind alles Protokolle, die auf TCP/IP aufsetzen, für Internet-Gequassel ... zum Thema Dienste (Ports) abschalten vs. ...
    (microsoft.public.de.security.netzwerk.sicherheit)