Menu
Reply
Highlighted
Wise owl
  • 3.38K
  • 184
  • 922
Registered: ‎09-09-2009
Message 1 of 5 (282 Views)

SMB exposed on Port 445.

http://www.theregister.co.uk/2017/05/17/wannacrypt_vuln_scanning/

How to enable and disable SMBv1, SMBv2, and SMBv3 in Windows and Windows Server.

https://support.microsoft.com/en-us/help/2696547/how-to-enable-and-disable-smbv1,-smbv2,-and-smbv3-i...

 




It's What I Do.
I Drink and
I Remember Things.
Reply
0 Kudos
Knows their stuff
  • 1.42K
  • 52
  • 233
Registered: ‎09-07-2010
Message 2 of 5 (198 Views)

Re: SMB exposed on Port 445.

You would still need to actively unblock this port on your router, i would be curious to see who has it unblocked on their router firewall and why Smiley Tongue


Sololobo wrote:

http://www.theregister.co.uk/2017/05/17/wannacrypt_vuln_scanning/

How to enable and disable SMBv1, SMBv2, and SMBv3 in Windows and Windows Server.

https://support.microsoft.com/en-us/help/2696547/how-to-enable-and-disable-smbv1,-smbv2,-and-smbv3-i...

 


 

Reply
0 Kudos
Wise owl
  • 3.38K
  • 184
  • 922
Registered: ‎09-09-2009
Message 3 of 5 (170 Views)

Re: SMB exposed on Port 445.

http://www.theregister.co.uk/2017/05/22/eternalrocks_worm/

 




It's What I Do.
I Drink and
I Remember Things.
Reply
0 Kudos
Knows their stuff
  • 1.42K
  • 52
  • 233
Registered: ‎09-07-2010
Message 4 of 5 (151 Views)

Re: SMB exposed on Port 445.

Still requires a user to actively unblock the port on their firewall and forward it to a vulnerable machine

Dialled in
  • 77
  • 1
  • 16
Registered: ‎05-10-2010
Message 5 of 5 (62 Views)

Re: SMB exposed on Port 445.

To be honest. mine is open for various reasons. I knew about SMB years ago as it has never been actively patched, but it has never been exploited as widely as it has been. It used to be people looking for weak admin passes on 139 using IPC, but that exploit is not used much at all now as newer versions of windows force you to password it and not to use [NULL] as a pass. There is a third active one that not many people exploit, but i am not discussing that on here.

 

I am wondering why the interest in SMB anyway ?

Reply
0 Kudos