Solved

windows file sharing

Posted on 2014-10-03
7
87 Views
Last Modified: 2014-10-27
When dealing with windows file sharing, I've noticed it tries 135 and 137.  If those are not open it tries 445.

Am I correct to assume if I open just 445, I won't need to open 135 and 137?
0
Comment
Question by:trojan81
7 Comments
 
LVL 21

Expert Comment

by:mcsween
Comment Utility
you need TCP 139, 445 and UDP 137, 138.  SMB happens on 445 but you also need NetBIOS over TCP/IP which the other 3 ports cover.
0
 
LVL 53

Expert Comment

by:McKnife
Comment Utility
Incorrect. Your own assumption is indeed correct, only 445.
0
 
LVL 53

Expert Comment

by:McKnife
Comment Utility
And 135 is something different, it's rpc.
0
Complete Microsoft Windows PC® & Mac Backup

Backup and recovery solutions to protect all your PCs & Mac– on-premises or in remote locations. Acronis backs up entire PC or Mac with patented reliable disk imaging technology and you will be able to restore workstations to a new, dissimilar hardware in minutes.

 
LVL 9

Expert Comment

by:nattygreg
Comment Utility
What Mcknife said, you definitely don not want 135 n 137 open
0
 

Author Comment

by:trojan81
Comment Utility
So officially which is the port?  I know 445 works. Why does Microsoft talk about other ports?  
It seems to me it tries other netbios over tcp first and then if that doesnt work, it tries 445.
0
 
LVL 21

Accepted Solution

by:
mcsween earned 250 total points
Comment Utility
NetBIOS over TCP/IP is for name resolution.  If you only want to open TCP 445 you must:

1. Access the shares by IP address only (\\192.168.1.100\sharename)
OR
2. Setup DNS to resolve names on the LAN
OR
3. Add IP/hostname mappings to your hosts file on each computer

Just out of curiosity where does this firewall reside that you are opening ports on?
0
 
LVL 53

Assisted Solution

by:McKnife
McKnife earned 250 total points
Comment Utility
That is it, exactly.
Microsoft would surely "promote" to only open port 445 if there weren't people who don't know about name resolution. That said: if you have DNS running like on a domain or, if no DNS is at hand, if you feel able to edit the host file, or, if you feel comfortable with using IPs, of course you should use and open only 445.
0

Featured Post

Don't lose your head updating email signatures!

Do your end users still have the wrong email signature? Do email signature updates bore you or fill you with a sense of dread? You can make this a whole lot easier on yourself by trusting an Exclaimer email signature management solution. Over 50 million users do...so should you!

Join & Write a Comment

Healthcare organizations in the United States must adhere to the guidance of both the HIPAA (Health Insurance Portability and Accountability Act) and HITECH (Health Information Technology for Economic and Clinical Health Act) for securing and protec…
Big data transfers via information superhighways require special attention and protection. Learn more about the IT-regulations of the country where your server is located. Analyze cloud providers and their encryption systems for safe data transit. S…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
In this seventh video of the Xpdf series, we discuss and demonstrate the PDFfonts utility, which lists all the fonts used in a PDF file. It does this via a command line interface, making it suitable for use in programs, scripts, batch files — any pl…

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now