Intrusion Prevention



This indicates that an admin access request was sent through SMB TreeConn, an indication of a possible brute force attack. A successful attacker can gain administrative access.

Affected Products

Any unprotected Windows system is vulnerable.


System compromise: attackers may gain administrator access.

Recommended Actions

Block access to the SMB ports (139, 145) from untrusted networks. Access from known trusted hosts can be enabled if necessary.