When you connect to a computer across the internet from your local home or office network, you usually need to know its internet protocol address or a domain name, such as www.example.com. Depending on how you connect to it, you may also need to specify a particular port number that indicates a service that machine makes available. One common port number is port 445, which is associated with the Windows file-sharing service called "Server Message Block" or SMB.
Port 445 on Windows
Port 445 is used for a long-standing Windows file-sharing service called Server Message Block, commonly abbreviated SMB. It's used on Windows 7 and other Windows versions, and it's also supported by other operating systems with appropriate software installed. Many non-Windows operating systems, including Linux, Unix and OS/2, use an open source package of software called Samba for compatibility with the Windows SMB systems. The 445 port is used for Microsoft, Samba and other unofficial implementations of SMB.
Port 445 comes into play to share files among multiple computers and for other common tasks such as printing across a network.
When one computer attempts to connect to another to use one of these services, it does so using that computer's name or IP address along with an indicator that it wants to connect to port 445. If port 445 is blocked due to local or networkwide firewall rules, it may be unable to connect. If you're using a computer at your workplace and suspect this is an issue, you can contact your company's help desk for assistance. In some cases, the port may be restricted for security reasons.
In general, you can look up how a particular port is typically used by consulting a list maintained by an organization called the Internet Assigned Numbers Authority. Microsoft also maintains its own documentation specifying what ports are used by which Windows functions.
Port 445 and Malware
Certain types of malware, including the notorious WannaCry malware, use port 445 and vulnerabilities in SMB software implementations to spread themselves.
If you don't need to have port 445 open, you should consider blocking it locally using a firewall. If you only need to have it open to a local network or certain sets of computers, you should implement those restrictions in your network firewall or router.
If you're running older SMB software, Microsoft recommends that you disable it for security reasons. Then, upgrade to a new version and confirm there are no known security vulnerabilities involved with running it.
- US-CERT: SMB Security Best Practices
- Microsoft: Direct Hosting of SMB Over TCP/IP
- Microsoft: Microsoft SMB Protocol and CIFS Protocol Overview
- Rapid7: WannaCry Update: Vulnerable SMB Shares Are Widely Deployed and People Are Scanning for Them
- ExpressVPN: How to Find Your Port Number
- Microsoft: Stop Using SMB1
- Microsoft: Port and Protocol Requirements for Servers
- nixCraft: What Ports Need to Be Open for Samba to Communicate With Other Windows/Linux Systems?
- Samba: What Is Samba?
- IANA: Service Name and Transport Protocol Port Number Registry
- Microsoft: Service Overview and Network Port Requirements for Windows