You are seeing some port numbers or network communications that occur over port 445. What is port 445 registered for? Port 445 is mainly used and registered for the “SMB over IP” communication whereas the SMB is used for Microsoft Directory Services. Actually the SMB or “NBT over IP” uses the port range 137-139 but Microsoft made improvements with the SMB protocol and created the “SMB over IPO” which runs on port 445.
The later versions of Windows operating systems like Windows 2000 and later use port 445 in order to provide Microsoft Directory Services.
Port 445 Related Services
Port 445 can provide different SMB services like below;
- SMB Net Logon Service
- SMB Distributed File System Service
- SMB Remote Procedure Call Locator Service
- SMB Server
- SMB Print Spooler Service
- SMB Fax Service
Securing Port 445
SMB is a vulnerable protocol that causes a lot of security problems for the Windows operating systems. As port 445 provides the SMB services it should be secured properly. Take the following steps in order to secure port 445.
- Enable firewall and deny port 445 traffic from untrusted networks and hosts.
- Only permit trusted networks and hosts traffic for the port 445.
- Use VPN or similar solution to encrypt port 445 traffic on the untrusted networks like internet.