What is SMB ?

SMB has always been a network file sharing protocol. As such, SMB requires network ports on a computer or server to enable communication to other systems. SMB uses either IP port 139 or 445.

What Are Ports 139 And 445?

  • Port 139: SMB originally ran on top of NetBIOS using port 139. NetBIOS is an older transport layer that allows Windows computers to talk to each other on the same network.
  • Port 445: Later versions of SMB (after Windows 2000) began to use port 445 on top of a TCP stack. Using TCP allows SMB to work over the internet.

How To Keep These Ports Secure

Leaving network ports open to enable applications to function is a security risk. So how do we manage to keep our networks secure and maintain application functionality and uptime? Here are some options to secure these two important and well-known ports.

  • Enable a firewall or endpoint protection to protect these ports from attackers. Most solutions include a blacklist to prevent connections from known attackers IP addresses.
  • Install a VPN to encrypt and protect network traffic.
  • Implement VLANs to isolate internal network traffic.
  • Use MAC address filtering to keep unknown systems from accessing the network. This tactic requires significant management to keep the list maintained.