Question

Are ports 445 and 139 blocked on droplets at the digitalocean end?

Are ports 445 and 139 blocked on droplets at the digitalocean end?

For example when I do a port scan from my home computer, to my droplet, I see the windows file sharing related ports are blocked.

Including ports 139 and 445 that samba uses.

(“filtered” means that a firewall is stopping any response, so it’s as good as closed. So even if I did have a service running on those ports, it wouldn’t be accessible)

I’m wondering if that blocking is happening at digitalocean’s end, or at my end. e.g. If it’s digitalocean’s ISP, or digitalocean. Or my ISP. Or my router blocking those outgoing connections.

C:\nmap>nmap -p134,135-139,140,141,440-450 159.89.181.235 Starting Nmap 7.91 ( https://nmap.org ) at 2021-04-25 00:38 GMT Daylight Time Nmap scan report for 159.89.181.235 Host is up (0.083s latency).

PORT STATE SERVICE 134/tcp closed ingres-net 135/tcp filtered msrpc 136/tcp filtered profile 137/tcp filtered netbios-ns 138/tcp filtered netbios-dgm 139/tcp filtered netbios-ssn 140/tcp closed emfis-data 141/tcp closed emfis-cntl 440/tcp closed sgcp 441/tcp closed decvms-sysmgt 442/tcp closed cvc_hostd 443/tcp closed https 444/tcp closed snpp 445/tcp filtered microsoft-ds 446/tcp closed ddm-rdb 447/tcp closed ddm-dfm 448/tcp closed ddm-ssl 449/tcp closed as-servermap 450/tcp closed tserver

Nmap done: 1 IP address (1 host up) scanned in 2.06 seconds

C:\nmap>

Subscribe
Share

Submit an answer
You can type!ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Hi @userdo,

Are you sure there is anything listening on the ports you’ve mentioned on your Droplet?

How ports work - even if you open a port if there is nothing listening on it, it will appear as closed just because there isn’t anything behind this port.

What you can do is, SSH to your droplet and type in the following command:

netstat -tulpen

Check what’s going on in there, do you see the mentioned ports listening to anything? If yes, see if you can whitelist your IP address and try to reach the port again. If there isn’t anything that is listening to the port, it will never work even if you whitelist the IP address.