When Microsoft first awoke to the wide area network (WAN) Internet, its local area network (LAN) NetBIOS file sharing technology was using a "transport protocol" known as NetBEUI. Unlike the Internet Protocol (IP), NetBEUI does not have the concept of "ports". So Microsoft grabbed a trio of three successive Internet ports 137, 138, and 139, to use for the transport of their existing NetBIOS protocol over IP-based LAN and WAN networks. The horrors of insecurity resulting from Microsoft's exposure of their NetBIOS protocol to the Internet are legendary. They were the original impetus for our creation of the ShieldsUP! services, and our ongoing research into personal computer security and privacy.
As a result of the continuing security concerns created by the default global exposure of Windows' NetBIOS file sharing, many ISPs are now blocking this wildly abuse-prone trio of ports on behalf of their users. Many users will find that the various ShieldsUP! probes and scans will report a "stealth" status for these ports without any user-side protection of any kind. After a decade of trouble, ISPs have stepped up and decided that, much as they didn't want to be involved in the need to block specific ports, they are doing their users a security service for which Microsoft has been unwilling to take the necessary responsibility.
If you are curious to learn more about the truth and consequences of Microsoft's Windows NetBIOS file sharing, the topic is covered carefully and in detail in a series of pages beginning here: http://www.grc.com/su-explain.htm.
445?
In the name of backward compatibility, Windows 2000 and subsequent Microsoft operating systems continue to support the original NetBIOS port trio. But with Windows 2000 and beyond, Microsoft has moved their NetBIOS services over to port 445 and, perhaps not surprisingly, created an entire next-generation of even more serious security problems with that port. See the port 445 page for details.
RFC's
The NetBIOS over IP protocols are described in a pair of consecutive Internet RFC documents:
RFC 1001: An overview of concepts and methods . . .
http://www.ietf.org/rfc/rfc1001.txt
http://www.faqs.org/rfcs/rfc1001.html
RFC 1002: Detailed specifications . . .
http://www.ietf.org/rfc/rfc1002.txt
http://www.faqs.org/rfcs/rfc1002.html
Trojan Sightings: Chode