ECCouncil Exam Questions

Which TCP and UDP ports must you filter to check null sessions on your network?

Null sessions are unauthenticated connections (not using a username or password) to an NT or 2000 system. Which TCP and UDP ports must you filter to check null sessions on your network?

A. 137 and 139

B. 137 and 443

C. 139 and 443

D. 139 and 445

Explanation:
NULL sessions take advantage of "features" in the SMB (Server Message Block) protocol that exist primarily for trust relationships. You can establish a NULL session with a Windows host by logging on with a NULL user name and password. Primarily the following ports are vulnerable if they are accessible:

TCP: NETBIOS Session Service
UDP: NETBIOS Session Service
TCP: SMB/CIFS