What is Port 445?

by Colin Cohen | Published on October 20, 2023

Port 445 is dedicated to the Server Message Block (SMB) protocol, which allows you to share resources such as files and printers within a network using TCP.

What is Server Message Block?

Server Message Block (SMB) is the protocol that allows devices on the same network to communicate with each other and share resources such as files and printers through what is known as inter-process communication.

There are several different implementations of SMB, such as Common Internet File System (CIFS), which lets Windows devices share files. Samba is another implementation of SMB, which enables devices not running Windows to share resources with those that are.

Over the years, Microsoft has developed a series of versions of SMB. For example, SMB 3 is a version that provides end-to-end encryption and support for virtualized environments.

SMB Protocol Port 445 and File Sharing

One of the main features of SMB is the ability to share files with other users over a network. To enable SMB on a file or a folder on a Windows device, right-click on it in the File Explorer, select Properties, and then click the Share button in the Sharing tab.

Does SMB Port 445 Use TCP or UDP?

SMB on port 445 uses the TCP transport protocol. It uses TCP instead of UDP because it requires an authenticated connection.

What is Port 445 Used For?

You use port 445 to share the resources of devices on a network using SMB, which is also a critical component of Microsoft Active Directory (AD).

Sharing Files, Directories, and Printers with SMB Port 445

Using SMB over port 445, you can share a device’s files, directories, and printers. This allows another device on the network to use the resources of the shared device as if they were available on their own device.

Remote File Access and File Sync with SMB

With SMB over port 445, you can remotely access and sync files over the Internet. But remember that it is not necessarily safe to do so, as this could allow attackers to scan the port and possibly obtain sensitive device information. A better solution is to remotely connect to the network using a VPN and then use SMB.

Active Directory and SMB Port 445

Microsoft’s Active Directory (AD), which lets system administrators manage objects on a network, requires using SMB over port 445. Even non-Microsoft implementations of SMB, such as Samba, use AD to share the resources of Windows devices.

Port 445 Vulnerabilities and Security Concerns

Port 445 can expose devices to significant harm if left open on the public Internet. You should either disable it in your firewall, or properly secure it.

Attacks Against Port 445 In the Past

Hackers have used port 445 to infiltrate devices on a network, most famously in the WannaCry ransomware attack. They do this by scanning services that use the port, which allows them to gather sensitive information about devices on the network.

How to Keep SMB Secure and Configured

The best way to keep SMB secure is to disable port 445 in your firewall. While this will prevent devices outside of your network from remotely connecting to devices inside it over the port, they can still do so by using a VPN.

If you must leave port 445 open in your firewall, you should implement SMB 3.0 or higher on your devices, as it includes advanced security protections such as end-to-end encryption.
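
One way to apply this advice on a single Windows host, shown as an added example that is not part of the original article. It assumes an elevated PowerShell session on Windows 8 / Windows Server 2012 or later, and the firewall rule name is a constructed placeholder.

```powershell
# Added example: audit and harden the SMB server on one Windows host.
# Assumption: run from an elevated PowerShell session.

# 1. Show the current server-side SMB settings before changing anything.
Get-SmbServerConfiguration |
    Select-Object EnableSMB1Protocol, EnableSMB2Protocol, EncryptData, RejectUnencryptedAccess

# 2. Turn off SMB 1 so that clients have to negotiate SMB 2 or SMB 3.
Set-SmbServerConfiguration -EnableSMB1Protocol $false -Force

# 3. Require SMB 3 encryption on every share and refuse clients that
#    cannot encrypt (in practice, anything older than SMB 3.0).
Set-SmbServerConfiguration -EncryptData $true -RejectUnencryptedAccess $true -Force

# 4. Block inbound SMB (445, plus legacy 139) on networks that Windows
#    classifies as Public. The rule name is a constructed placeholder.
$ruleName = 'Example - Block inbound SMB on Public networks'
if (-not (Get-NetFirewallRule -DisplayName $ruleName -ErrorAction SilentlyContinue)) {
    New-NetFirewallRule -DisplayName $ruleName -Direction Inbound -Protocol TCP `
        -LocalPort 445, 139 -Profile Public -Action Block | Out-Null
}

# 5. List any sessions that are still connected with a dialect below 3.x,
#    so those clients can be upgraded.
Get-SmbSession |
    Where-Object { $_.Dialect -notlike '3.*' } |
    Select-Object ClientComputerName, ClientUserName, Dialect
```

Run step 5 before step 3 in production: once encryption is required, clients that only speak SMB 2 or older can no longer connect. The host rule complements the perimeter firewall block described above and does not replace it.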

Is Port 445 Safe to Open?

Port 445 is unsafe to open for traffic outside your network. If remote users need SMB access, you should provide this through a VPN. At the very least, you should implement SMB 3.0 or higher.

What's the Difference Between SMB Port 445 and Port 139?

SMB can operate over port 445 or port 139, but today, you would likely only use it over port 139 for backward compatibility when supporting legacy devices.

SMB Port 445 vs. Port 139

In the days before the Internet, SMB operated over port 139 on top of NetBIOS. Microsoft changed the protocol to work over port 445 to support the Internet using TCP. But you can still use it over port 139 too if you need to support legacy systems.

Port 137 vs. Port 138 vs. Port 139

Ports 137, 138, and 139 all relate to running SMB on top of NetBIOS, with each performing a specific function. Port 137 is for name services, port 138 is for datagram services, and port 139 is for session services.

Port Conflicts and Overlaps with SMB Protocol Port 445

You can support SMB on both port 445 and port 139 on the same network if you need to support SMB on legacy devices.

Can NetBIOS Conflict with SMB?

You can have SMB over NetBIOS (port 139) running at the same time as SMB over TCP (port 445). If port 445 is open on a device, Windows will try to use this port first. If there is no response from this port, it will try port 139.

Configure Network Devices To Handle SMB Traffic

Many network devices will not have SMB enabled by default, and you will need to manually configure it if SMB traffic has to pass through them. How you do this is dependent on the device.

Key Takeaways About Port 445

Port 445 is associated with the SMB protocol, and is used to share resources such as files and printers without the need for a network basic input/output system (NetBIOS). But tread carefully — it's possible for port 445 to expose devices to intruders if left open on the public Internet. Make sure to disable it in your firewall, or properly secure it.
