Let’s try to go through this as a journey where you and I both stand to learn how this works!
1. Are both services necessary? If not, are there any benefits over running a single service?
Depending on your operating system and environment, both services are not necessary.
SMB (Server Message Block)
Server Message Block, the modern dialect of which is known as Common Internet File System, operates as an application-layer network protocol mainly used for providing shared access to files, printers, serial ports, and miscellaneous communications between nodes on a network. …
The Server Message Block protocol can run on top of the Session (and lower) network layers in several ways:
- directly over TCP, port 445
- via the NetBIOS API, which in turn can run on several transports:
- on UDP ports 137, 138 & TCP ports 137, 139 – see NetBIOS over TCP/IP
- on several legacy protocols such as NBF (incorrectly referred to as NetBEUI).
On Windows, SMB can run directly over TCP/IP without the need for NetBIOS over TCP/IP. This will use, as you point out, port
Generally speaking, on other systems, you’ll find services and applications using port
139. This, basically speaking, means that SMB is running with NetBIOS over TCP/IP, where, stack-wise, SMB is on top of NetBIOS if you are to imagine it with the OSI model.
Here’s a visualization from Richard Sharpe, from samba.org.
Here’s a slightly tweaked version to illustrate how you can imagine this on a Windows-based system.
1.a If they are both necessary, are there any benefits?
The only “benefit” — it’s not really a benefit, as much as a requirement — is that with SMB over NBT (NetBIOS over TCP/IP), you’ll actually be able to communicate with a greater deal of implementations of SMB.
2. What information/service does
*My quick guess is that while
netbios-ssn simply provides the NetBIOS API, including NBT (NetBIOS over TCP/IP) via port
139. On the other hand,
microsoft-ds provides the direct hosting of SMB via port
With Windows 2000 Microsoft felt that this can be improved. They added the port 445 for the same service. On port 445 SMB runs directly over TCP. The only difference is that the client skips the NetBIOS session (saves one round trip) then negotiates, authenticates, mounts etc.
Check the properties of your network card. Somewhere in the Advanced IP Settings is a checkbox “Enable NetBIOS over TCP”. Activate it and your computer uses port 139. Deactivate the option and the system wants to use 445.
- Port 139:
SMB -> NetBIOS -> TCP
- Port 445:
SMB -> .... -> TCP
3. What is the relationship between SMB and NetBIOS; are they seperate, does one rely upon the other?
SMB does rely on NetBIOS for communication with devices that do not support direct hosting of SMB over TCP/IP.
NetBIOS is completely independent from SMB. It is an API that SMB, and other technologies can use, so NetBIOS has no dependency to SMB.
NetBIOS (Network Basic System)
… It provides services related to the session layer of the OSI model allowing applications on separate computers to communicate over a local area network. As strictly an API, NetBIOS is not a networking protocol. …
… In modern networks, NetBIOS normally runs over TCP/IP via the NetBIOS over TCP/IP (NBT) protocol. This results in each computer in the network having both an IP address and a NetBIOS name corresponding to a (possibly different) host name. …
As you can see, the relationship would be
Application -> SMB -> NetBIOS -> (TCP/IP, others).