Client Firewalls on Domain - What is NETBIOS_DGM and NETBIOS_NS for? Should i be allowing or blocking?

Posted on 2006-06-05
Last Modified: 2013-11-16

I've got a new AV product that includes an client firewall and it's automatically closed to everything and you have to enable what you want (this is a good thing!), I'm testing it before i roll it out on my domain and i have a few config questions.

At the moment, there is a tick box that allows you to allow NETBIOS on the local LAN. Looking through the firewall allow logs i can see a lot of entrys for that have been allowed under this rule:

UDP IN NETBIOS_NS => this comes from a Jet Direct print server, the exchange server and a Finance package server
UDP IN NETBIOS_DGM => This comes from everywhere printers (1 in partciular shows up every minute), other clients and the DC.

Should i have this rule set to allow? And why are there so many things using NETBIOS_DGM (especially a printer sending UDP packets out all the time)?

I'm afraid i don't know too much about NETBIOS, so any advice would be great. I've put this at 500 points due to the detail i'm likely to need.

Question by:Encams

    Author Comment

    Just a note - that printer is sending out UDP packets every 30 seconds!?
    LVL 51

    Accepted Solution

    NETBIOS_DGM = Datagram Service udp port 138
    NETBIOS_NS    = Name Service      udp port 137

    Ports 135 - 139 & 445 are used for file & printer sharing, MS logons, and other good stuff.

    I would certainly block it on my firewall except to pass through a VPN

    LVL 8

    Assisted Solution

    hi there....

    just go through this link and see what is erq by you and accordingly u can block.....;en-us;832017


    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    PRTG Network Monitor: Intuitive Network Monitoring

    Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

    Suggested Solutions

    Do you have a windows based Checkpoint SmartCenter for centralized Checkpoint management?  Have you ever backed up the firewall policy residing on the SmartCenter?  If you have then you know the hassles of connecting to the server, doing an upgrade_…
    The DROP (Spamhaus Don't Route Or Peer List) is a small list of IP address ranges that have been stolen or hijacked from their rightful owners. The DROP list is not a DNS based list.  It is designed to be downloaded as a file, with primary intention…
    Need more eyes on your posted question? Go ahead and follow the quick steps in this video to learn how to Request Attention to your question. *Log into your Experts Exchange account *Find the question you want to Request Attention for *Go to the e…
    This video discusses moving either the default database or any database to a new volume.

    758 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    11 Experts available now in Live!

    Get 1:1 Help Now