Credential scanning

Hi Team,

I am trying to scan my asset and could see only partial credential success. port 135 is failing and port 445 is success. I just tried to create new site just with my IP and tried to test credentials for port 135, It is throwing the error "java.util.concurrent.ExecutionException: com.hierynomus.smbj.common.SMBRuntimeException: com.hierynomus.protocol.transport.TransportException: java.io.EOFException: EOF while reading packet " . When i tried to test the credentials for port 445, it is showing authentication success. Can you guys help me in this?

I gave my PC credential when setting up the site.

Hi @preethi_r! This case would be best handled by our Support team. They’ll be able to better answer questions regarding credential testing. You can open up a case here: https://r7support.force.com/

thank you so much for the suggestion @holly_wilsey . I raised case with them now.

@preethi_r, I’m also facing the similar issues with the authentication on port 135, may I know if you have got any solution from Rapid7.

Thanks,
Ram

Port 135 authentication has been giving us issues for a while.and so far support hasn’t been able to help. It is still doing this for some machines but others work fine even though they are configured the same.

We have some info here on requirements for Windows authentication, and this is the best place to start/double check that everything’s configured as specified. This is generally tough to troubleshoot though, because it often comes down to some type of local configuration that’s impacting auth.

I had a very similar issue which Rapid7 support helped me troubleshoot. We were relying on port 135 for Windows OS fingerprinting because CIFS (Port 445) stopped detecting Windows OS versions after we disabled SMBv1 on our Domain, even though authentication on 445 was successful.

Our solution was to get 445 working again by enabling the Remote Registry service on our Windows endpoints (This was disabled by default).