7.1.1 File/Print Servers
Overview
File and print sharing uses a client/server architecture. The machine hosting disk or printer resources is the server; machines accessing those resources are clients. A server disk configured for network access is a file share.
Resource sharing can be implemented using proprietary protocols (e.g., File and Print Services for Windows Networks) or TCP/IP protocols (e.g., FTP).
Server Message Block (SMB)
- SMB: Application protocol underpinning file and printer sharing on Windows networks. Runs directly over TCP/445.
- SMB Versions: SMB3 is the current version. SMB1 has serious security vulnerabilities and is disabled by default on current Windows versions.
- Samba: Software suite providing SMB support on UNIX/Linux machines and NAS appliances. Allows a Windows client to access a Linux host as a Windows file or print server.
- CIFS: Common Internet File System. SMB is sometimes called CIFS, but technically CIFS refers only to a specific dialect of SMB version 1.
Print Servers
Print servers manage printers and print jobs across a network. They can be hardware or software based.
- Provide centralized management for high-volume print environments.
- Allow print jobs to be queued.
- Can hold a print job until a user releases it to a printer, preventing uncollected printouts.
NetBIOS / NetBT
- NetBIOS: Early Windows protocol stack used for name addressing and session establishment (e.g., for SMB). Predates TCP/IP on local networks.
- NetBT (NetBIOS over TCP/IP): Re-engineered NetBIOS to run over TCP/UDP. Ports: UDP/137 (name services), UDP/138 (UDP connections), TCP/139 (TCP session services).
- Status: Obsolete. Modern networks use IP, TCP/UDP, and DNS instead. NetBT should be disabled on most networks due to significant security risk. Only required to support file sharing for Windows versions earlier than Windows 2000.
File Transfer Protocol (FTP)
FTP allows a client to upload and download files from a network server. Commonly used to upload files to websites.
- Ports: TCP/21 for the control connection (establish and maintain); TCP/20 for data transfer in active mode; a server-assigned port for data transfer in passive mode.
- Security: Plain FTP is unencrypted; passwords are submitted in plaintext. High security risk.
- FTPS: FTP-Secure. Adds TLS/SSL encryption to FTP sessions.
- SFTP: FTP over Secure Shell. Encrypted FTP tunneled through SSH. Most widely used today.
Port Reference
| Protocol | Port(s) | Purpose |
|---|---|---|
| SMB | TCP/445 | File and printer sharing (Windows) |
| NetBT | UDP/137 | NetBIOS name services |
| NetBT | UDP/138 | NetBIOS UDP connections |
| NetBT | TCP/139 | NetBIOS TCP session services |
| FTP | TCP/21 | FTP control connection |
| FTP | TCP/20 | FTP data transfer (active mode) |
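
The port table above, applied as a listener audit (an added example, not part of the original notes): it parses a constructed sample in the `ss -tuln` column layout, flags legacy file-sharing listeners by transport and port, and marks whether each is bound to loopback only. The `LEGACY` table, the function names and the sample addresses are assumptions made for illustration.

```python
import ipaddress

# (transport, port) -> (service, advice), taken from the port reference above.
LEGACY = {
    ("udp", 137): ("NetBT name services", "disable NetBT"),
    ("udp", 138): ("NetBT UDP connections", "disable NetBT"),
    ("tcp", 139): ("NetBT session services", "disable NetBT"),
    ("tcp", 21): ("FTP control", "plaintext passwords; use FTPS or SFTP"),
    ("tcp", 445): ("SMB", "confirm SMB1 is disabled"),
}

# Constructed sample in the column layout of `ss -tuln` (not from a real host).
SAMPLE = """\
Netid State  Recv-Q Send-Q Local Address:Port Peer Address:Port
udp   UNCONN 0      0      0.0.0.0:137        0.0.0.0:*
udp   UNCONN 0      0      192.0.2.10:138     0.0.0.0:*
tcp   LISTEN 0      50     0.0.0.0:139        0.0.0.0:*
tcp   LISTEN 0      50     [::]:445           [::]:*
tcp   LISTEN 0      32     127.0.0.1:21       0.0.0.0:*
tcp   LISTEN 0      128    0.0.0.0:22         0.0.0.0:*
udp   UNCONN 0      0      0.0.0.0:445        0.0.0.0:*
"""

def split_local(field):
    """Split 'addr:port' on the last colon; handles '[::]:445' and '*:21'."""
    addr, _, port = field.rpartition(":")
    return addr.split("%")[0].strip("[]"), int(port)

def is_loopback(addr):
    try:
        return ipaddress.ip_address(addr).is_loopback
    except ValueError:  # '*' or an unparsable address: treat as exposed
        return False

def audit(ss_output):
    """Return (transport, port, service, exposure, advice) per legacy listener."""
    findings = []
    for line in ss_output.splitlines()[1:]:  # first line is the column header
        cols = line.split()
        if len(cols) < 5 or cols[0] not in ("tcp", "udp"):
            continue
        addr, port = split_local(cols[4])
        hit = LEGACY.get((cols[0], port))  # transport must match: udp/445 is ignored
        if hit:
            exposure = "loopback-only" if is_loopback(addr) else "network-reachable"
            findings.append((cols[0], port, hit[0], exposure, hit[1]))
    # Network-reachable listeners first, then by port number.
    return sorted(findings, key=lambda f: (f[3] != "network-reachable", f[1]))

if __name__ == "__main__":
    for f in audit(SAMPLE):
        print("{}/{:<4} {:<24} {:<18} {}".format(*f))
```

On a live host, pass the text output of `ss -tuln` to `audit()` in place of `SAMPLE`.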