I'm also trying to discover the relationship between netbios-ssn typically running on Port 139 and microsoft-ds running on Port 445.
I understand that previously Port 139 was more popular with older machines and NetBIOS using the SMB protocol is used for file sharing / printers etc. These days we're more likely to see microsoft-ds running on Port 445 in conjunction with Port 139 and the netbios-ssn service.
My questions are however.
-
Are both services necessary / provide addition benefits over running a single service? From my understanding linux systems don't run the 445 port, instead using Samba on the 139 port. Is there anything I can do on a windows machine with these two ports that I can't on a Linux machine?
-
If each service has their own distinct role what information does each of them provide? What information can be gained from microsoft-ds and what can be gained by netbios-ssn?
-
Am I correct on the relationship between SMB and NetBIOS? Or are they actually two separate protocols only related by the fact they achieve a similar goal? Does one rely upon the other?
Best Answer
Let's try to go through this as a journey where you and I both stand to learn how this works!
1. Are both services necessary? If not, are there any benefits over running a single service?
Depending on your operating system and environment, both services are not necessary.
SMB (Server Message Block)
On Windows, SMB can run directly over TCP/IP without the need for NetBIOS over TCP/IP. This will use, as you point out, port
445
.Generally speaking, on other systems, you'll find services and applications using port
139
. This, basically speaking, means that SMB is running with NetBIOS over TCP/IP, where, stack-wise, SMB is on top of NetBIOS if you are to imagine it with the OSI model.Here's a visualization from Richard Sharpe, from samba.org.
Here's a slightly tweaked version to illustrate how you can imagine this on a Windows-based system.
1.a If they are both necessary, are there any benefits?
The only "benefit" -- it's not really a benefit, as much as a requirement -- is that with SMB over NBT (NetBIOS over TCP/IP), you'll actually be able to communicate with a greater deal of implementations of SMB.
2. What information/service does
netbios-ssn
andmicrosoft-ds
provide?*My quick guess is that while
netbios-ssn
simply provides the NetBIOS API, including NBT (NetBIOS over TCP/IP) via port139
. On the other hand,microsoft-ds
provides the direct hosting of SMB via port445
.*3. What is the relationship between SMB and NetBIOS; are they seperate, does one rely upon the other?
SMB does rely on NetBIOS for communication with devices that do not support direct hosting of SMB over TCP/IP.
NetBIOS is completely independent from SMB. It is an API that SMB, and other technologies can use, so NetBIOS has no dependency to SMB.
NetBIOS (Network Basic System)
As you can see, the relationship would be
Application -> SMB -> NetBIOS -> (TCP/IP, others)
.