Solved

windows file sharing

Posted on 2014-10-03
7
90 Views
Last Modified: 2014-10-27
When dealing with windows file sharing, I've noticed it tries 135 and 137.  If those are not open it tries 445.

Am I correct to assume if I open just 445, I won't need to open 135 and 137?
0
Comment
Question by:trojan81
7 Comments
 
LVL 21

Expert Comment

by:mcsween
ID: 40359958
you need TCP 139, 445 and UDP 137, 138.  SMB happens on 445 but you also need NetBIOS over TCP/IP which the other 3 ports cover.
0
 
LVL 54

Expert Comment

by:McKnife
ID: 40360068
Incorrect. Your own assumption is indeed correct, only 445.
0
 
LVL 54

Expert Comment

by:McKnife
ID: 40360075
And 135 is something different, it's rpc.
0
U.S. Department of Agriculture and Acronis Access

With the new era of mobile computing, smartphones and tablets, wireless communications and cloud services, the USDA sought to take advantage of a mobilized workforce and the blurring lines between personal and corporate computing resources.

 
LVL 10

Expert Comment

by:Natty Greg
ID: 40360737
What Mcknife said, you definitely don not want 135 n 137 open
0
 

Author Comment

by:trojan81
ID: 40366599
So officially which is the port?  I know 445 works. Why does Microsoft talk about other ports?  
It seems to me it tries other netbios over tcp first and then if that doesnt work, it tries 445.
0
 
LVL 21

Accepted Solution

by:
mcsween earned 250 total points
ID: 40366686
NetBIOS over TCP/IP is for name resolution.  If you only want to open TCP 445 you must:

1. Access the shares by IP address only (\\192.168.1.100\sharename)
OR
2. Setup DNS to resolve names on the LAN
OR
3. Add IP/hostname mappings to your hosts file on each computer

Just out of curiosity where does this firewall reside that you are opening ports on?
0
 
LVL 54

Assisted Solution

by:McKnife
McKnife earned 250 total points
ID: 40366805
That is it, exactly.
Microsoft would surely "promote" to only open port 445 if there weren't people who don't know about name resolution. That said: if you have DNS running like on a domain or, if no DNS is at hand, if you feel able to edit the host file, or, if you feel comfortable with using IPs, of course you should use and open only 445.
0

Featured Post

Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Extra security implementation for 2017 9 52
Palo Alto Networks: Truly No Hit Count? 2 45
Access 2016 5 56
Admin account lockout 10 40
The new Gmail Phishing Scam going around is surprising even the savviest of users with its sophisticated techniques.
With healthcare moving into the digital age with things like Healthcare.gov, the digitization of patient records and video conferencing with patients, data has a much greater chance of being exposed than ever before.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

803 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question