Solved

windows file sharing

Posted on 2014-10-03
7
92 Views
Last Modified: 2014-10-27
When dealing with windows file sharing, I've noticed it tries 135 and 137.  If those are not open it tries 445.

Am I correct to assume if I open just 445, I won't need to open 135 and 137?
0
Comment
Question by:trojan81
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
7 Comments
 
LVL 22

Expert Comment

by:mcsween
ID: 40359958
you need TCP 139, 445 and UDP 137, 138.  SMB happens on 445 but you also need NetBIOS over TCP/IP which the other 3 ports cover.
0
 
LVL 54

Expert Comment

by:McKnife
ID: 40360068
Incorrect. Your own assumption is indeed correct, only 445.
0
 
LVL 54

Expert Comment

by:McKnife
ID: 40360075
And 135 is something different, it's rpc.
0
Back Up Your Microsoft Windows Server®

Back up all your Microsoft Windows Server – on-premises, in remote locations, in private and hybrid clouds. Your entire Windows Server will be backed up in one easy step with patented, block-level disk imaging. We achieve RTOs (recovery time objectives) as low as 15 seconds.

 
LVL 12

Expert Comment

by:Natty Greg
ID: 40360737
What Mcknife said, you definitely don not want 135 n 137 open
0
 

Author Comment

by:trojan81
ID: 40366599
So officially which is the port?  I know 445 works. Why does Microsoft talk about other ports?  
It seems to me it tries other netbios over tcp first and then if that doesnt work, it tries 445.
0
 
LVL 22

Accepted Solution

by:
mcsween earned 250 total points
ID: 40366686
NetBIOS over TCP/IP is for name resolution.  If you only want to open TCP 445 you must:

1. Access the shares by IP address only (\\192.168.1.100\sharename)
OR
2. Setup DNS to resolve names on the LAN
OR
3. Add IP/hostname mappings to your hosts file on each computer

Just out of curiosity where does this firewall reside that you are opening ports on?
0
 
LVL 54

Assisted Solution

by:McKnife
McKnife earned 250 total points
ID: 40366805
That is it, exactly.
Microsoft would surely "promote" to only open port 445 if there weren't people who don't know about name resolution. That said: if you have DNS running like on a domain or, if no DNS is at hand, if you feel able to edit the host file, or, if you feel comfortable with using IPs, of course you should use and open only 445.
0

Featured Post

Free Webinar: AWS Backup & DR

Join our upcoming webinar with experts from AWS, CloudBerry Lab, and the Town of Edgartown IT to discuss best practices for simplifying online backup management and cutting costs.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The next five years are sure to bring developments that are just astonishing, and we will continue to try to find the balance between connectivity and security. Here are five major technological developments from the last five years and some predict…
This article demonstrates probably the easiest way to configure domain-wide tier isolation within Active Directory. If you do not know tier isolation read https://technet.microsoft.com/en-us/windows-server-docs/security/securing-privileged-access/s…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question