SMB Ports (137-139 & 445) and Win XP ICF
I've got a couple of questions (or assumptions) that I need clarified,
hope you can help.
- Samba 2.2.x
- Windows XP client with ICF (Internet Connection Firewall) enabled.
Need to do this as users frequently take laptops home to ADSL
We encountered a problem with the firewall causing long delays with
printing 1-3 minutes, drop-out's, app freezing, etc. User also describe
network latency on the laptops.
After research and testing I found it was necessary to disable the ICF
to lose the slow printing problems (not good for us!). I stumbled
across another solution which was adding an entry to the ICF config for
printing (setup with External Port: 445, Internal Port: 139) that seems
to resolve the problem. Good! Now my questions:
1. I read that these ports are only used pre Windows 2K and that the
port 445 replaced 137-139, is that correct?
2. Should I enable all the ports (137, 138 and 139)? I've read that
these are targets for DoS attacks and worms.
3. Would the reason some users experience latency when accessing file
and print services be related to the ports not being open?
4. What are the realistic implications of opening these ports,
providing the user has up-to-date virus signatures and OS patches.
Thanks for your help.