Intel,Altiris Group

  • 1.  POrt other then 445

    Posted Aug 24, 2009 09:10 AM
    Do we have any other option for file sharing other then port 445/139 also for AD.....

    Please need help......


  • 2.  RE: POrt other then 445

    Posted Aug 24, 2009 09:41 AM
    TCP ports 139 and 445, and UDP ports 137 and 138 are used for printer and file sharing .These are by default  from OS. I don't think that can be changed.


  • 3.  RE: POrt other then 445

    Posted Aug 24, 2009 10:14 AM
    Hello Hemu,

    The SMB (Server Message Block) protocol is used among other things for file sharing in Windows NT/2000/XP. In Windows NT it ran on top of NetBT (NetBIOS over TCP/IP), which used the famous ports 137, 138 (UDP) and 139 (TCP). In Windows 2000/XP/2003, Microsoft added the possibility to run SMB directly over TCP/IP, without the extra layer of NetBT. For this they use TCP port 445.

    This is owned by microsoft and there is now way you can change it...

    Hope this answers your question.



  • 4.  RE: POrt other then 445

    Posted Aug 24, 2009 01:22 PM
    yes perfectly right,

    But there is lots of vulnerability on this ports thats y i am looking for sum options................


  • 5.  RE: POrt other then 445

    Posted Aug 24, 2009 01:48 PM
    Symantec uses these  ports only to push the package from the SEPM to the Client.

    If you want you can block the ports once SEP is installed on the Clients.


  • 6.  RE: POrt other then 445

    Posted Aug 24, 2009 01:57 PM

     There have been lots of vulnerabilities on 445 SMB ..however Microsoft has come with patches for these...I you have the Windows patches specially MS08-067,  MS03-026,MS03-043,MS03-049..

     still new vulnerabilites are always and will be always discovered for SMB...so your Signature is very true,but you cant just block it...you mask it/ change it if this is leaving your router/firewall but for internal network you have to live with it..