Question about routers and ports

Here at work, we have a huge windows 2000 network (spread throughout the state). We have a lot of sites. We have a domain controller at every site as well (we run Active directory). Each site is running T1s to our frame relay network.

Now here's my question

Are all cisco router's ports closed by default, or open by default? ? The reason I ask, is because I can access servers anywhere in the state. Even ones at different sites. This means, that the netbios ports etc must be open on all of our routers?

Does anyone follow that confusing mess I just wrote?

Find more posts tagged with

SAVE $250 on Your Boot Camp — Use Code "EXAM26"

Exclusively for TechExams members for Infosec Boot Camps starting before April 30, 2026

View Boot Camps

Comments

skratzer

Do you mean TCP and UDP ports on the actual router itself or do you mean will it or will it not forward packets destined for certain ports on particular hosts?

By default, there are no filtering rules (ACLs) defined on Cisco devices, so pretty much all traffic types that fit within the active protocol suites will be forwarded. I guess I might mention that NetBIOS is a broadcast based non-routable protocol though and will not be passed through your router.

dissolved

skratzer wrote:

Do you mean TCP and UDP ports on the actual router itself or do you mean will it or will it not forward packets destined for certain ports on particular hosts?

By default, there are no filtering rules (ACLs) defined on Cisco devices, so pretty much all traffic types that fit within the active protocol suites will be forwarded. I guess I might mention that NetBIOS is a broadcast based non-routable protocol though and will not be passed through your router.

I mean TCP/UDP ports. Not referring to pre-mask routing.

I think I remember reading about netbios not being routable. But now I'm confused. If netbios is not routable, how am I able to access shares and stuff at other sites? Each site has a Cisco 4000 series router as the gateway as well.
Thanks for the help man
-dissolved

garv221

You can access shares becasue of 2000 enviroment implements DNS...The routers keep your networks local via VPN and trunking VLANS, depending the size of each offsite LAN...

skratzer

Yes, like garv said, you can probably access the shares because of DNS name resolution rather than NetBIOS broadcasts. Also, the routers don't pass broadcast traffic by default, but can be configured to (ip helper-address).

kicker22

yeah I agree with garv and skratzer..
even if you werent using Active Directory... the other simple explanation is, that maybe ACL is configured to let you in because of your network ip address is on the permit list

forbesl

skratzer wrote:

I guess I might mention that NetBIOS is a broadcast based non-routable protocol though and will not be passed through your router.

NetBIOS is routable over TCP/IP and can be passed through network devices.
See RFC 1001: http://www.faqs.org/rfcs/rfc1001.html

NetBIOS ports:
UDP 137 - 138
TCP 139

westincar

Netbeui isn't routable but NetBIOS is. Netbeui can only be bridged.

--Westincar

rossonieri#1

well, if you buy a new router then its ports are closed by default. the reason you can connect to any site probably your network have been setup to do so.