# Named Pipes, Port 139 and Port 445



## peterc (Feb 2, 2004)

I have read many places that MS SQL Server using Named Pipes is using port 139 and port 445. But I don't know when port 139 is used instead of port 445 and vice versa?

Are port 139 and port 445 actually duplicates?

I have limited knowledge in NT Networking.


----------



## hewee (Oct 26, 2001)

This is searchable site that gives the use of the TCP ports plus other good information.

The information fields are:
Type Keyword Description Trojans

http://lists.gpick.com/portlist/lookup.asp


----------



## peterc (Feb 2, 2004)

Hi hewee,

The List of Lists in the http://lists.gpick.com is very helpful.

I use the Port Lookup for 139 and 445:

For 139:
Type Keyword Description Trojans 
TCP netbios-ssn NETBIOS Session Service Chode, God Message worm, Msinit, Netlog, Network, Qaz, Sadmind, SMB Relay

UDP netbios-ssn NETBIOS Session Service

For 445:
Type Keyword Description Trojans 
TCP microsoft-ds Microsoft-DS Lioten, Randon, WORM_DELODER.A, W32/Deloder.A, W32.HLLW.Deloder, Sasser

UDP microsoft-ds Microsoft-DS

I don't know the difference between NETBIOS Session Service and Microsoft-DS.
I still don't know when SQL Server will use port 139 instead of 445 and vice versa.

Thank you for any help.


----------



## hewee (Oct 26, 2001)

I don't know or understand all the port junk. 
I just keep all my setting up high on everything.
Firewall is set high and I have a router that acts as a firewall and from running the test here https://grc.com/x/ne.dll?bh0bkyd2 I come up Stealth.


----------



## jimwhite70 (Jul 16, 2004)

This link to MS explains that port 139 is used for tcp connections and 445 for named pipes (near the bottom of the page).

http://support.microsoft.com/?kbid=841251


----------

