NetBIOS Session / SMB
What is Port 139?
Port 139 is used by the NetBIOS Session Service, which provides connection-oriented communication for file and printer sharing on Windows networks. Before Windows 2000, SMB (Server Message Block) protocol — used for Windows file sharing — ran exclusively over NetBIOS on port 139. This port handles the establishment and maintenance of sessions between networked computers for resource sharing. When you map a network drive or access a shared printer on older Windows networks, the connection goes through port 139. While modern Windows systems can use SMB directly over TCP on port 445, port 139 is still used for backward compatibility with older systems and applications. The Samba project on Linux also uses this port for Windows interoperability.
Common Uses
- Legacy Windows file and printer sharing
- Samba file sharing on Linux/Unix systems
- Backward-compatible SMB connections
- NetBIOS session-based application communication
Technical Details
Copy-paste commands to check port 139 (NetBIOS Session / SMB) from your terminal
Test connectivity
nc -zv example.com 139
curl -v --max-time 5 http://example.com:139/
telnet example.com 139
nmap -p 139 -sV example.com
(echo > /dev/tcp/example.com/139) 2>/dev/null && echo "open" || echo "closed"
Open port in firewall
sudo ufw allow 139/tcp
sudo iptables -A INPUT -p tcp --dport 139 -j ACCEPT
sudo firewall-cmd --permanent --add-port=139/tcp && sudo firewall-cmd --reload
Security Considerations
Port 139 has been exploited by numerous worms and malware including WannaCry and EternalBlue. Never expose this port to the internet. The combination of ports 137-139 exposes a wide attack surface. Use SMB over port 445 with SMBv3 encryption when possible. Disable SMBv1, apply security patches, and restrict access to trusted networks.
Popular Ports Reference
The most commonly used and referenced network ports