about Windows 139 and 445 ports

Source: Internet
Author: User

In the last month's game, a classic ms08-067 loophole was encountered, which was a classic textbook loophole. However, it is limited to using Metasploit to exploit this vulnerability. Now I want to write something about the 139 and 445 ports briefly.

The first mention is that Netbios,netbios is the abbreviation for the network Basic Input/output system and provides a feature that allows different computers within the LAN to communicate. Strictly speaking, NetBIOS is a set of APIs, not a network protocol.

Today, the network protocol stack that we use is the TCP/IP stack, on the Windows operating system, NetBIOS runs on the NetBIOS over TCP/IP protocol, NetBIOS over TCP/IP (NBT or NetBT) is a network protocol, Allows applications that previously used the NetBIOS API to be in a modern TCP/IP network. Such as:

Besides, SMB,SMB is the abbreviation of server Message block, as an application layer protocol, which mainly provides the functions of file sharing, file printing and interprocess communication in a network, and now the use of SMB is mainly in Windows system.

The SMB protocol is a network layer protocol that runs on the session layer and operates in two ways, the first through the NetBIOS API, such as:

Uses UDP 137 and 138 ports and TCP 137 and 139 ports.

The second is to run directly above the TCP and UDP protocols, using 445 ports, which can be referred to as "direct hosting of SMB over TCP/IP".

To summarize, file printing, file sharing, and so on on Windows hosts are implemented through the SMB protocol, and SMB runs on 139 and 445 ports in two ways. We can use the means to make SMB run only in the second way, not through the NetBIOS API. Local connection Properties àInternet Protocol version 4 property à advanced àWINSà disables NetBIOS on TCP/IP. This way, SMB runs on only 445 ports.

Before disabling:

When disabled :

?

Reference:

Https://en.wikipedia.org/wiki/NetBIOS

Https://en.wikipedia.org/wiki/NetBIOS_over_TCP/IP

Https://en.wikipedia.org/wiki/Server_Message_Block

Http://www.dslreports.com/forum/r5486656-MICROSOFT-DS-What-is-this

https://support.microsoft.com/en-us/kb/204279

Https://technet.microsoft.com/en-us/library/bb962072.aspx

Http://www.hsc.fr/ressources/breves/min_srv_res_win.en.html

about Windows 139 and 445 ports

Related Article

E-Commerce Solutions

Leverage the same tools powering the Alibaba Ecosystem

Learn more >

Apsara Conference 2019

The Rise of Data Intelligence, September 25th - 27th, Hangzhou, China

Learn more >

Alibaba Cloud Free Trial

Learn and experience the power of Alibaba Cloud with a free trial worth $300-1200 USD

Learn more >

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.