CATO Networks
MARCH 24, 2020
At the beginning of the month, Microsoft released an advisory and security patch for a serious Windows Server Message Block (SMB) vulnerability called the Windows SMBv3 Client/Server Remote Code Execution Vulnerability (AKA Windows SMBv3 RCE or CVE-2020-0796). Windows SMBv3 RCE isnt the first vulnerability in SMB.
CATO Networks
AUGUST 18, 2022
Additionally, policy rules can be further refined based on application context including application (custom applications too), application categories, service, port range, domain name, and more. This includes elements like IP address, subnet, username, group membership, hostname, remote user, site, and more.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
CATO Networks
MAY 20, 2024
Examining the destination port used by the IP address can also yield valuable information. For example, the use of destination port 445 (SMB) over the internet is unlikely to be legitimate, and can raise suspicions about the IP’s malicious intent.
Kentik
APRIL 24, 2017
If you’re looking to examine traffic coming from individual client machines in an SMB or even an enterprise network setting, then that increased granularity is helpful. This tracking requires CPU and memory — in some circumstances, a huge amount of it.
Expert insights. Personalized for you.
52 
Let's personalize your content