TCP port 139 is used for "NetBIOS over TCP", sometimes called NBT. This protocol was created to make the "NetBIOS over Ethernet" (NetBEUI) protocol routable. This rather old NetBIOS protocol was never designed to connect two computer with anything else but a LAN.
This is the second port of the original "NetBIOS trio" used by the first Windows operating systems (up through Windows NT) in support of file sharing. For additional information about this trio of Internet ports, please see the "Background and Additional Information" for the first port of the trio, port 137. Trojan Sightings: Chode NetBScanner - NetBIOS scanner NetBIOS scan uses UDP port 137 to send and receive the NetBIOS data. If this port is blocked by your computer or in the remote network computers that you scan, the NetBIOS scan will not work. When you run NetBScanner in the first time, you might get a warning from the Firewall of Windows. The dangers of open port 139 - SearchSecurity I recently discovered I have an open port: 139. I did some research and found out it is a Netbios-ssn port used for sharing files. I have scanned for relevant Trojans and found none. nbtstat | Microsoft Docs The NetBIOS name table is the list of NetBIOS names that corresponds to NetBIOS applications running on that computer. /A
Open NetBIOS Report | The Shadowserver Foundation
Apr 27, 2015 NetBIOS and LLMNR: The Gifts That Keep on Giving (Away In addition to disabling NetBIOS on the NIC of each computer and through DHCP and disabling LLMNR, the outbound NetBIOS and LLMNR traffic should be restricted on the host firewall of each system by blocking the NetBIOS protocol and TCP port 139 as well as the LLMNR UDP port 5355. This step can prevent any NetBIOS or LLMNR traffic from accessing
Jun 10, 2020
NetBIOS Enumeration - Technical Navigator