dnswatchdog.iodocs
Issues

Port 445: SMB

Open SMB port detected on a publicly accessible host.

Severity: Critical | Port: 445

What is SMB?

SMB (Server Message Block) is a protocol used primarily in Windows environments for sharing files, printers, and other resources across a network. Port 445 is the direct SMB port (without NetBIOS). When you map a network drive on Windows, you are using SMB.

Why this is a problem

SMB is one of the most frequently targeted protocols by attackers. The WannaCry and NotPetya ransomware attacks both exploited SMB vulnerabilities to spread across networks. An SMB port exposed to the internet gives attackers a direct path to attempt exploitation, credential theft, and lateral movement within your network.

What you should do

  • Block port 445 at the firewall — SMB should never be accessible from the internet
  • If file sharing is needed across locations, use a VPN to connect the networks
  • Ensure all systems are patched against known SMB vulnerabilities (especially MS17-010)
  • Disable SMBv1 if it is still enabled — it has known, unpatched vulnerabilities

Port 135: MS-RPC

Open MS-RPC port detected on a publicly accessible host.

Port 389: LDAP

Open LDAP port detected on a publicly accessible host.

On this page

What is SMB?Why this is a problemWhat you should do