Heavy Port Activity May Indicate Hacker SMB Sniffing

Block ports 139 and 445 if cound not patch the system!

Activity on one of the ports associated with Windows’ Server Message Block (SMB) protocol is climbing, security giant Symantec said Friday, an indicator that hackers may be exploring a vulnerability Microsoft disclosed Tuesday.

Symantec’s DeepSight network, a global collection of sensors that watch for and track developing threats, has noted a surge in activity targeting TCP port 445, which is associated with SMB-related communications on Windows machines.


Leave a Reply