You see this notification pop up:
"Open Port"
Why did this happen?
An open port SMB 445/TCP is detected in your network.
A service called port is used to allow network communications for Internet-connected devices. This port is used as an entry point on sending or receiving data between the communication sources, and destinations.
This allows the attacker to execute arbitrary commands via a vulnerable Samba library.
What are its risks?
- A vulnerability in the Internet-connected devices, and unsecure setting or weak configuration can cause unauthorized access that can exploit, and compromise this open port.
- SMB 445/TCP is a Microsoft Windows file sharing protocol that can be exploited to spread malware like "Wannacry" ransomware, "SambaCry" ransomware on IoT devices, Cryptocurrency-Mining, and similar threats.
- Samba for versions 3.5.0, 4.4.14, and 4.5.10 to 4.6.4, is vulnerable to remote code execution vulnerability that allows a malicious client to upload a shared library to a writable share, and then cause the server to load and execute it.
What should I do next?
- Always make sure the router device firmware is updated. Show me how.
- Stop unnecessary service (SMB 445/TCP) or do appropriate access management You may check your router's manual for firewall configuration or visit the manufacturer's website to check for this information.
- Set a strong password on the device with the following qualifications:
- Create a password with at least 8 characters
- Use uppercase, and lowercase letters
- Use a mix of letters, numbers, and symbols
- If you are not using the device, disconnect the device from your network.