Problem solve Get help with specific problems with your technologies, process and projects.

Mapping network drives with limited protocols/services

What protocol/service if any is required when mapping network drives? I'm running a software-based firewall to...

separate my two network segments and wish to better secure my network by only allowing those service needed to access computers on lets say segment_B. I'm currently allowing ICMP, UDP, TCP, FTP and RDP request through the firewall. If I set the security rule to allow for any service, mapping a drive from one netork to the next is not problem.

Is there a site I could go to that might assist me in knowing what protocol/service controls which communication request?

As found on the Microsoft site, NT 4.0 used:
NetBIOS over TCP traditionally with the following ports:
nbname 137/UDP
nbname 137/TCP
nbdatagram 138/UDP
nbsession 139/TCP

Windows 2000 is a different animal if using the new features and not older NT 4.0 features. Direct hosted "NetBIOS-less" SMB traffic uses port 445 (TCP and UDP). In this situation, a four-byte header precedes the SMB traffic. The first byte of this header is always 0x00, and the next three bytes are the length of the remaining data.

Finally, I think the answer is found in if you are using NetBIOS over TCP (ports 137, 138 and 139) or the newer NetBIOS-less SMB traffic over port 445 (TCP & UDP). Fair warning any of the following will not work with a Win 2000 server unless running the following in legacy mode:
IBM OS/2 1.3
Lan Manager 2.2
Microsoft Net Server 1.11
Hewlett-Packard Unix Lan Manager X

This is obvious. Microsoft no longer will support them.

For more information on this topic, visit these other SearchSecurity.com resources:
Ask the Expert: What is NetBIOS?
Ask the Expert: Determining which TCP/IP services are needed
Best Web Links: Infrastructure and Network Security

This was last published in December 2002

Dig Deeper on Web application and API security best practices

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.