What are the numerous incoming connections I see on public wifi for?

In general I have incoming connections disabled by my security software (Little Snitch). But even when I do this, on public wifi, I see numerous incoming connections for netbios and mDNSResponder allowed automatically.

For example, at a recent hotel stay, I was confronted with a long list as soon as a logged on to the wifi there (listed as automatically allowed by Little Snitch)

enter image description here

which quickly grew to the thousands

enter image description here

What are these incoming connections for? Why are they being automatically allowed? Are they a security threat?


Note that if I explicitly block all of these connections using Little Snitch, my network access fails, but the network still seems to function when I alternatively block incoming connections using Apple's (OS X 10.9) firewall

enter image description here

and enable stealth mode

enter image description here


netbios

You could block the netbios connections with Little Snitch. These connections are connections attempt most usually coming from Windows sharing the same Wi-Fi network and testing which share and printers are available on your computer. This protocol behaves like a guy entering a new building and testing all door knobs, when the door opens he asks: What's your name? What do you share? Do you print? This protocol is stupid, and dangerous, but most notably for Windows. This protocol is the leading vector of malware broadcast inside LAN of companies using Windows since more than 20 years (toward the floppies era). This protocol is responsible of the largest security damages within big companies.

netbios is a security threat.

On all my Mac I tear off this service (netbiosd), during the post installation procedure (see: …to disable WINS in Network settings, working on 10.7, 10.8, 10.9).

mDNSResponder

You couldn't and shouldn't block the mDNSResponder because you would break the normal working of the DNS on your Mac. I.e. you won't be able to find the IP address of www.microsoft.com.

mDNSREsponder isn't a security threat (today).

Firewall setting

Your method to block connection through the MacOS X firewall is the correct and safe one within any aggresive environment.