Windows Command Line Tools

Upguard: What is an SMB Port + Ports 445 and 139 Explained

Notes:

• This topic matters to what we're studying in this module because it will help us become efficient in diagnostic operations.

• Server Message Block Protocol (SMB Protocol) is a client-server communication protocol used for sharing access to files, printers, serial ports, and data on a network. It can also carry transaction protocols for authenticated inter-process communication.

• In short, the SMB protocol is a way for computers to talk to each other.

• SMB ports are generally port numbers 139 and 445

• SMB1 no longer secure

• Port 139 is used by SMB dialects that communicate over NetBIOS. It operates as an application layer network protocol for device communication in Windows operating systems over a network. For example, printers and serials ports communicate via Port 139.

• Port 445 is used by newer versions of SMB (after Windows 2000) on top of a TCP stack, allowing SMB to communicate over the Internet. This also means you can use IP addresses in order to use SMB like file sharing.

Security for Port 139 and Port 445

• Avoid Exposing SMB Ports

• Patch Everything

• No Single Point of Failure

• Use a Firewall or Endpoint Protection

• Use a Virtual Private Network (VPN)

• Implement Virtual Local Area Networks (VLANs)

• Use MAC Address Filtering