
Mapping network drives with limited protocols/services

What protocol/service, if any, is required when mapping network drives? I'm running a software-based firewall to separate my two network segments and wish to better secure my network by only allowing those services needed to access computers on, let's say, segment_B. I'm currently allowing ICMP, UDP, TCP, FTP and RDP requests through the firewall. If I set the security rule to allow for any service, mapping a drive from one network to the next is not a problem.

Is there a site I could go to that might assist me in knowing what protocol/service controls which communication request?

As found on the Microsoft site, NT 4.0 used:
NetBIOS over TCP traditionally with the following ports:
nbname 137/UDP
nbname 137/TCP
nbdatagram 138/UDP
nbsession 139/TCP

Windows 2000 is a different animal if using the new features and not older NT 4.0 features. Direct hosted "NetBIOS-less" SMB traffic uses port 445 (TCP and UDP). In this situation, a four-byte header precedes the SMB traffic. The first byte of this header is always 0x00, and the next three bytes are the length of the remaining data.

Finally, I think the answer depends on whether you are using NetBIOS over TCP (ports 137, 138 and 139) or the newer NetBIOS-less SMB traffic over port 445 (TCP & UDP). Fair warning: none of the following will work with a Win 2000 server unless running in legacy mode:
IBM OS/2 1.3
Lan Manager 2.2
Microsoft Net Server 1.11
Hewlett-Packard Unix Lan Manager X

This is obvious. Microsoft no longer will support them.
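The four-byte header described in the answer, applied to a reassembled TCP/445 byte stream, as an added example that is not part of the original answer. The names `frame` and `split_stream` are hypothetical, the sample payloads are constructed, and the three length bytes are read in network byte order.

```python
"""Split a TCP/445 byte stream into direct-hosted SMB messages."""

HEADER_LEN = 4  # one zero byte + three length bytes, as described above


class FramingError(ValueError):
    """The stream does not follow the direct-hosted SMB framing."""


def frame(payload: bytes) -> bytes:
    """Prefix payload with the 4-byte header (0x00 + 24-bit length)."""
    if len(payload) > 0xFFFFFF:
        raise FramingError("payload does not fit in a 3-byte length")
    return b"\x00" + len(payload).to_bytes(3, "big") + payload


def split_stream(buf: bytes):
    """Return (messages, leftover) for the bytes reassembled so far.

    leftover holds an incomplete trailing frame; keep it and prepend it
    to the next TCP segment instead of treating it as an error.
    """
    messages, pos = [], 0
    while len(buf) - pos >= HEADER_LEN:
        if buf[pos] != 0x00:
            raise FramingError(f"first header byte is {buf[pos]:#04x}, not 0x00")
        # Length is carried in network (big-endian) byte order.
        length = int.from_bytes(buf[pos + 1:pos + HEADER_LEN], "big")
        end = pos + HEADER_LEN + length
        if end > len(buf):
            break  # frame continues in a later segment
        messages.append(buf[pos + HEADER_LEN:end])
        pos = end
    return messages, buf[pos:]


# Constructed sample payloads (not real SMB packets).
SAMPLE_A = b"\xffSMB" + b"A" * 28
SAMPLE_B = b"\xffSMB" + b"B" * 300
SAMPLE_STREAM = frame(SAMPLE_A) + frame(SAMPLE_B)

if __name__ == "__main__":
    msgs, rest = split_stream(SAMPLE_STREAM[:-10])  # last frame cut short
    print(len(msgs), "complete message(s),", len(rest), "byte(s) pending")
```

A stream on port 445 whose first byte is not 0x00 fails the check, which gives a firewall or IDS rule a cheap sanity test before any deeper SMB inspection.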


This was last published in December 2002
