Yesterday, my buddy was all freaked out because his computer was acting weird. He kept seeing this “445” thing popping up in some logs, and he had no clue what it was. So, being the curious type, I decided to dig in and figure it out with him.
First Steps: Hitting Up Google
We started by, you know, just Googling “what does 445 mean.” Turns out, it’s a port number. Ports are like little doorways computers use to talk to each other. And port 445? That’s the one used for something called SMB, or Server Message Block.
What’s SMB Anyway?
Okay, so we learned SMB is basically how Windows computers share files and printers and stuff over a network. It’s like the language they use to say, “Hey, can I grab that file from your shared folder?” or “Yo, print this document on that printer.”
Our Little Experiment
To see this in action, we decided to do a little experiment. First things first we want make sure we can ping each other.
We did this simple thing:
- we opened the Windows search box,
- we typed in “cmd”
- we typed in “ipconfig”. This gave us the IP address.
I typed in “ping” follow by his IP address, and hit enter, if all went well. I should see if I can successfully “ping” him.
Then Check Port 445
We fired up a command prompt and used a command called `netstat`. This thing shows you all the active network connections and listening ports. We typed something like `netstat -an find “445”` (the `find` part just filters the results to show lines with “445”).
And there it was! We saw a bunch of lines showing port 445 was “LISTENING,” meaning his computer was ready to accept SMB connections. We also saw some “ESTABLISHED” connections, which meant other computers were already talking to his using SMB.
Why Was He Freaking Out?
So, why the panic? Well, it turns out SMB, and especially port 445, has been a target for some nasty malware and ransomware in the past. Remember WannaCry? That thing spread like wildfire by exploiting a vulnerability in SMB. Scary stuff!
Making Sure We’re Safe
After seeing all that, we decided to play it safe. We did a few things:
- Checked Windows Firewall: Made sure it was turned on and blocking any unnecessary incoming connections to port 445.
- Updated Windows: You gotta keep things patched! Updates often include security fixes for vulnerabilities, including those related to SMB.
- Disabled SMBv1: Turns out there are different versions of SMB, and the oldest one (SMBv1) is super insecure. We followed some online guides to disable it.
Basically, we just wanted to make sure his computer wasn’t an easy target. It’s like locking your doors at night – you don’t want to make it easy for the bad guys!
So, yeah, that’s how we spent our afternoon – learning about port 445, SMB, and how to keep our computers a little bit safer. It wasn’t exactly a wild party, but hey, at least we learned something new, and his computer didn’t get turned into a zombie by some ransomware.
