NICER Protocol Deep Dive: Internet Exposure of SMB

Welcome to the NICER Protocol Deep Dive blog series! When we started researching what all was out on the internet way back in January, we had no idea we'd end up with a hefty, 137-page tome of a research report. The sheer length of such a thing might put off folks who might otherwise learn a thing or two about the nature of internet exposure, so we figured, why not break up all the protocol studies into their own reports?


So, here we are! What follows is taken directly from our National / Industry / Cloud Exposure Report (NICER), so if you don't want to wait around for the next installment, you can cheat and read ahead!




SMB (TCP/445)


Choosy worms choose SMB.


TLDR


WHAT IT IS: SMB is the Windows everything protocol, but is usually used for Windows-based file transfers.


HOW MANY: 593,749 discovered nodes


VULNERABILITIES: The most destructive internet worms in history use SMB in some way.


ADVICE: Direct access to SMB outside of an unroutable, local network should be prohibited as a general rule.


ALTERNATIVES: HTTPS-based file sharing is usually the answer for whatever file hosting SMB was intending, but most SMB exposures seem to be accidental.


GETTING: Better! ZOMGOSH! Thanks mostly to ISPs, there was a 16% decrease in exposure from 2019.


SMB discovery details


SMB is a continued source of heartache and headaches for network operators the world over. Originally designed to operate on local area network protocols like NetBEUI and IPX/SPX, SMBv1 ..
