Ask the Expert

The dangers of open port 139

I recently discovered I have an open port: 139. I did some research and found out it is a Netbios-ssn port used for sharing files. I have scanned for relevant Trojans and found none. The port is currently 'listening.' Could this open port pose a threat to my data? And how do I close the port?


    Requires Free Membership to View

If you are on Windows-based network that is running NetBios, it is perfectly normal to have port 139 open in order to facilitate that protocol. If you are not on a network using NetBios, there is no reason to have that port open. Most networks that use NetBios and connect to the Internet also have a firewall that blocks incoming traffic on port 139. That way you are sure that all NetBios traffic originates from within your own network.

Having any open ports exposes you to potential attacks that might exploit known or yet-unknown vulnerabilities. On the other hand, depending on what your system is used for, you likely have to have some open ports in order to be useful. For example, a Web server doesn't work very well with ports 80 and 443 blocked (unless you've mapped the http services to other ports). E-mail servers need ports 25 and 110 for SMTP and POP, respectively.

If the system you are referring to is simply a PC as opposed to a server, you can probably get by using a host-based firewall, such as ZoneAlarm, to block all connections that don't originate from the PC. If you have a PC connected to the Internet via DSL or cable modem, you should purchase a hardware-based router/firewall such as those made by LinkSys or NetGear. They not only can block all incoming requests (not originating with the PC), but can also provide Network Address Translation, so that other computers on the Internet cannot even "see" your PC.

If your system is a server and you need to close ports, those directions would be specific to the kind of system you are using.


For more information on this topic, visit these other searchSecurity resources:
Ask the Expert: What is port scanning?
Ask the Expert: Identifying open ports


This was first published in January 2002

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: