To be honest. mine is open for various reasons. I knew about SMB years ago as it has never been actively patched, but it has never been exploited as widely as it has been. It used to be people looking for weak admin passes on 139 using IPC, but that exploit is not used much at all now as newer versions of windows force you to password it and not to use [NULL] as a pass. There is a third active one that not many people exploit, but i am not discussing that on here.