which ports & protocols are necessary?

In article , Jose Maria Lopez Hernandez wrote: :None of them use UDP, but don't forget the DNS service, :that uses 53/udp and 53/tcp (this one only for zone transfers).

In theory, DNS is allowed to use TCP 53 at any time, even just for queries. Common practice is that for queries it starts with UDP 53 and only switches to TCP 53 for queries if the response had the "result was truncated" flag set.

DNS uses TCP 53 for zone transfers not because going TCP is special but because zone transfers are expected to require more than 512 bytes of data being returned -- thus if you are running a DNS server and you do not disallow random sites from attempting DNS transfers [thinking you are safe because you block TCP 53] then someone can start a zone transfer on UDP 53 and get back the first 1/2 KB worth.

I think I have also seen TCP 53 used internally for requests to update the name or IP mapping (Microsoft Windows XP systems request this by default even for systems with static IPs), but I would not swear to it.

None of them use UDP, but don't forget the DNS service, that uses 53/udp and 53/tcp (this one only for zone transfers).

I think it's 7070/tcp 554/tcp 1090/tcp, but I have not tested well.

It should work.

Never let NetBIOS go in or out your machine and the Internet. It's a big security problem if you do so. You have to stop it at the firewall.

Regards.

This is very interesting, I've always thought that TCP was only used for zone transfers.

Regards.

Or disable NetBIOS over TCP/IP. NetBIOS can run as only protocol in the network (if you have the protocol installed). The danger is the NetBios over TCP/IP which has been vulnerable. Disable it then there should not be any IP-NetBIOS traffic in the LAN.

Gerald