Networking Mac and PC - Firewall Issue?

1

Here's the scenario:

Work network - I have a Mac and a PC - OS X is Snow Leopard - Windows 7

I am trying to connect to the PC from the Mac. IT ONLY works if I turn off the firewall in Windows.

I tried to trace the port and connection it was using; it appears to be on port 445 via TCP.

I really prefer not to leave this open, or is it OK?

How can I only allow this connection while still leaving the firewall on?

v15

Posted 2011-02-18T14:48:25.757

Reputation: 1 805

Have you tried opening TCP port 445 on the Windows firewall? Also, when you say connecting, do you mean sharing files or RDP/VNC? – Supercereal – 2011-02-18T14:49:46.310

I have; it doesn't appear to work to just open up that port.

Yes, sharing files via smb://My-PC on the Mac side – v15 – 2011-02-18T14:51:39.200

Honestly, if this is a business network the Windows firewall shouldn't even be on; you should have a hardware firewall protecting your data. That way you can block that port from the outside but leave it open on the inside. However, while it is in use by a share it is safe. – Supercereal – 2011-02-18T14:57:02.853

So with port 445 open it still doesn't work? Do you have it open inbound and outbound? – Supercereal – 2011-02-18T14:57:51.930

Update, I opened up port 445 and checked Domain and Private and left Public unchecked. That seemed to work. Is it still safe to do this? – v15 – 2011-02-18T14:59:55.840

Yes, it is safe. The share(s) will bind to that port and listen for connections; nothing else will be able to do this while the SMB service is bound to the port. – Supercereal – 2011-02-18T15:01:13.083

I have to disagree with @Kyle. While a business network should have a hardware firewall, this does not mean that software firewalls should be turned off. A malicious user or an infected laptop could pose a threat from within the company's network which won't pass through the network border, so it won't be blocked by the hardware firewall. – Dave Sherohman – 2011-02-18T15:22:40.593

@Dave Sherohman I have had more problems with it than it actually solved, so by preference I turn it off. If you have a malicious user, Windows firewall is not going to stop this person from causing issues within the company (remember, if they have physical access no firewall can stop them). As far as an infected laptop, Windows leaves other ports open by default that malicious software can exploit. I just don't see a point and have never had problems with it open, but that's just my opinion, which is why I didn't put that in my answer... – Supercereal – 2011-02-18T15:30:41.953

If you're still concerned, open cmd and run netstat -a, and you will see there are already quite a few open unused ports... – Supercereal – 2011-02-18T15:33:22.713

Answers

1

Yes, port 445 will be fine to leave open as long as it is actually being used. You run into issues when you open ports but don't use them for anything. A service will bind to that port and have exclusive rights to use it.

Supercereal

Posted 2011-02-18T14:48:25.757

Reputation: 8 643

Gotcha, so as long as I am connected with the Mac it's OK. When I'm not networked to it - when I don't connect to the PC from the Mac side - should I close it? – v15 – 2011-02-18T15:44:47.517

@zm15 you can leave it open all the time as long as you have a share available from the Windows PC; it will be bound to that port. You don't actually have to be connected for this to take place. If you run netstat -an | find /i "listening" you will see 0.0.0.0:445 | listening; that means the port is in use by SMB and nothing else will be able to use it. – Supercereal – 2011-02-18T15:50:00.807
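For the original question of allowing only this connection while the firewall stays on, the following is an added example and not part of any post in this thread: a Windows 7 batch script that scopes the inbound TCP 445 rule to the Mac's address and to the Domain and Private profiles the asker selected. The address 192.0.2.10 and the rule name are placeholders assumed for illustration.

```batch
@echo off
rem Added example. Run from an elevated Command Prompt on the Windows 7 PC.
rem MAC_IP is a placeholder (documentation address); replace it with the Mac's real address.
set "MAC_IP=192.0.2.10"
rem RULE_NAME is a hypothetical label chosen for this example.
set "RULE_NAME=SMB in from Mac (example)"

rem Confirm the firewall is on for every profile before relying on any rule.
netsh advfirewall show allprofiles state

rem Remove an earlier copy of the rule so re-running does not create duplicates.
netsh advfirewall firewall delete rule name="%RULE_NAME%" >nul 2>&1

rem Allow inbound TCP 445 only from the Mac, only on the Domain and Private profiles.
rem Public is left out, so the port stays blocked on untrusted networks.
netsh advfirewall firewall add rule name="%RULE_NAME%" ^
    dir=in action=allow protocol=TCP localport=445 ^
    remoteip=%MAC_IP% profile=domain,private

rem Show the stored rule to check its scope (RemoteIP, Profiles, LocalPort).
netsh advfirewall firewall show rule name="%RULE_NAME%" verbose

rem Confirm the SMB listener itself, using the netstat check from the thread.
netstat -an | find /i "listening" | find ":445"
```

Windows Firewall allow rules are additive, so a broader existing allow rule for port 445 has to be disabled or deleted before the remote-address restriction has any effect.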