File and Print Server Security
The File Server and Print Server features have potential security risks because these features support the transfer of unencrypted, clear-text files over a network. Running a file or print server device on a public network may expose the device to the typical security concerns associated with networking. The File Server and Print Server features are not designed to be run on a public network, and Microsoft strongly recommends that you run these features only on a private network.
Best Practices
Enable a firewall on your network device
For enterprise environments, Microsoft recommends the use of a network firewall with intrusion protection, such as Microsoft Internet Security and Acceleration (ISA) Server. For more information, visit this Microsoft Web site.
For non-enterprise environments or for added protection, Microsoft recommends that you include and configure the Windows CE Firewall on the network device. For more information about the Windows CE IP Firewall and how to configure it, see IP Firewall.
For information about configuring the IP firewall to properly manage traffic destined for the internal network, see IP Firewall Reference.
Use authentication
Use NTLM version 2 authentication to limit access to known users only.
For information about NTLM, see NTLM Security Support Provider.
Default Registry Settings
You should be aware of the registry settings that impact security. If a value has security implications you will find a Security Note in the registry settings documentation.
For File Server and Print Server registry information, see SMB Server Registry Settings.
Ports
The following table shows the ports that the File Server and Print Server listen to.
Port number | Description |
---|---|
137 | TCP/ UDP (name service) |
138 | UDP (for communication through a mailslot) |
139 | NetBIOS over TCP/IP (NetBT) |
445 | TCP |
See Also
File and Print Server | SMB Server Registry Settings
Last updated on Saturday, April 10, 2004
© 1992-2003 Microsoft Corporation. All rights reserved.