OPS 201 Class 05 - MackD51/CyberReadingNotes GitHub Wiki

Reading notes for Class 05: Windows Command Line Tools

What is an SMB Port? A Detailed Description of Ports 445 + 139

The SMB protocol is a way for computers to communicate with each other and share access to files, printers, data, etc.

How Does the SMB Protocol Work?

SMB works on a response - request basis, where a client makes a request and the server responds to that request. after connection is established, it allows users or applications different resources, such as printers, mail slots, etc. SMB allows them to open, read, create, update, and move files on the remote server.

What are the SMB Protocol Dialects?

  • SMB 1.0 (1984) - for file sharing in DOS.

  • Samba (1992) - supports file sharing, print services, authentication, authorization, etc. between Linux/Unix servers and Windows clients.

  • CIFS (1996) - supports larger file sizes transferred directly over TCP/IP, symbolic and hard links.

  • NQ (1998) - portable to non-Windows platforms, such as Linux, iOS, and Android.

  • Netsmb (2004) - a family of in-kernel of SMB client and server implementations in BSD OS.

  • SMB 2.0 (2006) - reduced chattiness, improved performance, enhanced scalability, and added support for WAN acceleration.

  • Tuxera SMB (2009) - runs in either kernel or user-space.

  • Likewise (2009) - provided a multi-protocol, identity-aware platform for network access to files in OEM storage products.

  • SMB 2.1 (2010) - improved caching and performance.

  • SMB 3.0 (2012) - improved backup, security, and management.

  • MoSMB (2012) - supports SMB 2.x and SMB 3.x only.

  • SMB 3.02 (2014) - provided ability to disable CIFS/SMB 1.0 support.

  • SMB 3.1.1 (2015) - added support for advanced encryption.

What are Ports 139 and 445?

  • Port 139 is used by SMB dialects that communicate over NetBios. Printers and serial ports communicate using this port.

  • Port 445 allows SMB to communicate across the internet.

Are Open Ports Dangerous?

Open ports can be dangerous when the service listening to the port is misconfigured, vulnerable to exploits, etc. But they are necessary to communicate across the internet.

How to Keep Ports 139 and 445 Secure

  • Avoid exposing SMB ports

  • Patch everything

  • Use Firewall or Endpoint protection

  • Use a VPN

  • Use Mac Address Filtering

References

Tunggal, A. (2022, August 22). What is an SMB Port? A Detailed Description of Ports 445 + 139. https://www.upguard.com/blog/smb-port

Things I want to know more about

  • Learn more about relevant command line tools