Corrupted Data Recovery

Affordable Data Recovery Experts

Port Number 137 | What is Port 137?

Information about udp Port 137

A Software Port (usually just called a 'port') is a virtual data connection that can be used by programs to exchange data directly, instead of going through a file or other temporary storage location. The most common of these are TCP and UDP ports which are used to exchange data between computers on the Internet. Port 137 uses the udp protocol for service type netbios-ns. A malformed request to port 137 is known to cause denial of service attacks.



In the TCP and UDP protocols used in computer networking, a port is a special number present in the header of a data packet. Ports are typically used to map data to a particular process running on a computer. Port numbers can occasionally be seen in the URLs of websites. By default, HTTP uses port 80 and HTTPS uses port 443, but a URL like http://www.MyCompany.com:8000/ would try to connect to an HTTP server on port 8000 instead. Port 137 is used for the netbios-ns service. An example would be http://www.MyCompany.com:137/ when accessed by a web service. Port 137 may be used for several services including NETBIOS Name Service-- A principle rqmt for NetBIOS services on MS hosts (Win9x/ME/NT/Win2000). UDP 137 is used for browsing- logon sequence- pass-thru validations- printing support- trust support- WinNT Secure Channel- and WINS registration.--Security Concerns: Key target in auth & DOS attacks. Block at all perimeters; NIC-filter on public-exposed MS hosts. and more. Port 137 is known to have vulnerabilities caused by trojans and remote code execution.

Note that not all transport layers use network ports; for example, although UDP and TCP use ports, ICMP does not. By default, the firewall should disallow traffic to port 137 until all security checks have been passed. If an application cannot listen on port 137, the port 137 is already in use by another application causing the conflict.

Port Number: 137 (Windows 7/Windows Vista/ Windows XP/Windows Server family)
NETBIOS Name Service-- A principle rqmt for NetBIOS services on MS hosts (Win9x/ME/NT/Win2000). UDP 137 is used for browsing- logon sequence- pass-thru validations- printing support- trust support- WinNT Secure Channel- and WINS registration.--Security Concerns: Key target in auth & DOS attacks. Block at all perimeters; NIC-filter on public-exposed MS hosts.
Protocol Used : udp
Service Type : netbios-ns
Known Port 137 exploits: Yes
Known Port 137 Security Risks: Yes

Information on Port 137: Windows 7/Vista/XP

Port 137 Information

  • Go to the command prompt (Start>Run>cmd)
  • Enter netstat -ano
  • You will get a report of Active Connections
  • Report includes: Protocol, Local Address, Foreign Address, State, PID
  • e.g.
    • Proto Local Address Foreign Address State PID
    • UDP 127.0.0.1:137 *:* 137
  • Write down the PID (process identifier) associated with port 137 (Also note the Local Address, Foreign Address, Protocol and State.)
  • Next, start the Windows Task Manager
  • Select the Processes tab in Task Manager
  • Search for the PID you wrote down previously
  • netstat parameter -s displays per-protocol statistics. By default, statistics are shown for IP, IPv6, ICMP, ICMPv6, TCP, TCPv6, UDP, and UDPv6

How to manually open Port 137 in Windows Firewall?

Windows Firewall may block port 137 by default. If you want to allow a program to communicate using Port 137 through the firewall, you can usually do that by selecting the required program on the Exceptions tab in Windows Firewall. However, sometimes the program is not listed in the Exceptions tab. In this case you need to open the port manually.

1.Open Windows Firewall by clicking Start, Control Panel, Security, and then Windows Firewall.

2.Click 'Allow a program through Windows Firewall'.

3.Click 'Add port'.

4.In the 'Name' field, type a friendly name for the port like 'Port-137'.

5.In the 'Port number' field, enter the port number '137'.

6.Select TCP or UDP, depending on the protocol required for port 137.

Free Software Downloads: Windows 7/Vista/XP

How to scan a PC/network for udp port 137 vulnerabilities?
If you detect unusual port 137 activity or port 137 intrusion, you need to check for known security risks. Security risks are due to remote hacking attempts, trojans, malware and spyware present on the computer. Incorrect port 137 mapping, port 137 forwarding, or port 137 binding can cause vulnerabilities as well. A port scanner or network analyzer will detect open 137 ports used on a PC (or a network) and detect security threats. Other software tools like an IP scanner, open port 137 scanner, remote open port 137 scanner, open port scan tool or remote port check can be used. The software below is free or open source.

Free Online Port Scanner/Port Checker/Port Scan Test
Firewall Vulnerability Test Tool: Run Now
Network Security Scanner/Vulnerability Scanner/Port Scanner: Download Nmap