Port 138 (NetBIOS Datagram)

UDP

NetBIOS Datagram Service — NetBIOS Datagram listens on port 138 by default.

What is Port 138?

Port 138 is used by the NetBIOS Datagram Service, part of the NetBIOS over TCP/IP protocol suite. It handles connectionless communication for Windows networking, including browser service announcements and mailslot messages.

NetBIOS Datagram Service on port 138 uses UDP for broadcast-based communication. Windows uses this port for network browsing (Computer Browser service), sending short messages between machines, and domain controller announcements. These datagram messages are typically broadcast on the local subnet.

Like other NetBIOS ports, port 138 should not be exposed to the internet. It can reveal internal network topology and is associated with several historical Windows vulnerabilities.

Port 138 Security

NetBIOS Datagram on port 138 should be secured with appropriate access controls and monitoring. Ensure the service is only accessible from trusted networks by configuring firewall rules to restrict access. If the protocol supports encryption, enable TLS/SSL to protect data in transit.

Regularly update NetBIOS Datagram to the latest version to patch known vulnerabilities. Monitor port 138 for unauthorized access attempts and implement rate limiting where possible. Follow the principle of least privilege when configuring access permissions.

How to Check Port 138

To check if port 138 is open on a remote host, use nmap: 'nmap -p 138 hostname'. For a quick TCP connection test, use: 'telnet hostname 138' or 'nc -zv hostname 138'. On Windows PowerShell, use: 'Test-NetConnection -ComputerName hostname -Port 138'.

To check if port 138 is listening on your local machine, use: 'netstat -tlnp | grep 138' on Linux, or 'ss -tlnp | grep 138'. On Windows, use: 'netstat -an | findstr 138'. For a comprehensive scan, use: 'nmap -sV -p 138 hostname' to detect the service version running on the port.

Related Ports

Port 137 (NetBIOS Name) Port 139 (NetBIOS Session) Port 445 (SMB) Port 135 (MS RPC)

Frequently Asked Questions

What is port 138 used for?

Port 138 is the default port for NetBIOS Datagram Service (NetBIOS Datagram). It is used for netbios datagram communication using the UDP protocol.

Is port 138 TCP or UDP?

Port 138 uses UDP. UDP is used because netbios datagram requires fast, low-overhead communication.

Should port 138 be open?

Port 138 should only be open if you are actively running NetBIOS Datagram. Close unused ports to reduce your attack surface. If needed, restrict access to trusted IP addresses using firewall rules.

How do I check if port 138 is open?

Use 'nmap -p 138 hostname' to scan remotely, or 'netstat -tlnp | grep 138' to check locally on Linux. On Windows, use 'Test-NetConnection -Port 138 hostname' in PowerShell.

How do I secure port 138?

Secure port 138 by restricting access with firewall rules, using encryption (TLS/SSL) where supported, keeping NetBIOS Datagram updated, using strong authentication, and monitoring for unauthorized access attempts.

🔍 Check Your IP Address

While you're here, find out your public IP address, location, and ISP details instantly.

Check My IP →

Related Tools

Port Reference
Complete network port database
Port Scanner
Scan ports on any host
SSL Check
Verify SSL certificate status
HTTP Headers
View HTTP response headers
Traceroute
Trace network route to host
Speed Test
Test your internet speed