Menu
Reply
Highlighted
  • 3.51K
  • 202
  • 981
Sololobo
Wise owl
379 Views
Message 1 of 5
Flag for a moderator

SMB exposed on Port 445.

http://www.theregister.co.uk/2017/05/17/wannacrypt_vuln_scanning/

How to enable and disable SMBv1, SMBv2, and SMBv3 in Windows and Windows Server.

https://support.microsoft.com/en-us/help/2696547/how-to-enable-and-disable-smbv1,-smbv2,-and-smbv3-i...

 




It's What I Do.
I Drink and I
Remember Things.
0 Kudos
Reply
  • 1.73K
  • 66
  • 275
shanematthews
Super solver
295 Views
Message 2 of 5
Flag for a moderator

Re: SMB exposed on Port 445.

You would still need to actively unblock this port on your router, i would be curious to see who has it unblocked on their router firewall and why Smiley Tongue


Sololobo wrote:

http://www.theregister.co.uk/2017/05/17/wannacrypt_vuln_scanning/

How to enable and disable SMBv1, SMBv2, and SMBv3 in Windows and Windows Server.

https://support.microsoft.com/en-us/help/2696547/how-to-enable-and-disable-smbv1,-smbv2,-and-smbv3-i...

 


 

0 Kudos
Reply
  • 3.51K
  • 202
  • 981
Sololobo
Wise owl
267 Views
Message 3 of 5
Flag for a moderator

Re: SMB exposed on Port 445.

http://www.theregister.co.uk/2017/05/22/eternalrocks_worm/

 




It's What I Do.
I Drink and I
Remember Things.
0 Kudos
Reply
  • 1.73K
  • 66
  • 275
shanematthews
Super solver
248 Views
Message 4 of 5
Flag for a moderator

Re: SMB exposed on Port 445.

Still requires a user to actively unblock the port on their firewall and forward it to a vulnerable machine

  • 84
  • 2
  • 20
Dominatez
Up to speed
159 Views
Message 5 of 5
Flag for a moderator

Re: SMB exposed on Port 445.

To be honest. mine is open for various reasons. I knew about SMB years ago as it has never been actively patched, but it has never been exploited as widely as it has been. It used to be people looking for weak admin passes on 139 using IPC, but that exploit is not used much at all now as newer versions of windows force you to password it and not to use [NULL] as a pass. There is a third active one that not many people exploit, but i am not discussing that on here.

 

I am wondering why the interest in SMB anyway ?

0 Kudos
Reply