Disabling Port 445

Discussion in 'other security issues & news' started by CloneRanger, Aug 29, 2013.

Thread Status:
Not open for further replies.
  1. CloneRanger

    CloneRanger Registered Member

    Joined:
    Jan 4, 2006
    Posts:
    4,833
    445 microsoft-ds replaced NetBios Ports 137/9 in 98.

    The above MS info doesn't mention if disables UDP over SMB though. I guess it should too ?

    I've always done the WINS tab disable from install, but still see microsoft-ds entries ? By the way, i'm on XP/SP2
     

    Attached Files:

    • 445.png
      445.png
      File size:
      1.6 KB
      Views:
      1,567
  2. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    The simplest way to close port 445 is with a little utility called WWDC (Windows Worm Doors Cleaner 1.4.1). If you can't find it, I can upload you a copy. If you want to make the changes manually, these changes were recorded by Inctrl5 when I used it. On a virtual XP-SP2 test unit, it makes the following changes:
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\NetBT\Parameters "SmbDeviceEnabled"
    value changed from
    01, 00, 00, 00
    to
    00, 00, 00, 00

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters "SmbDeviceEnabled"
    value changed from
    01, 00, 00, 00
    to
    00, 00, 00, 00

    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet3\Services\Http\Parameters
    existing value removed. Don't remove subkeys.

    HTH
     
  3. CloneRanger

    CloneRanger Registered Member

    Joined:
    Jan 4, 2006
    Posts:
    4,833
    @ noone_particular

    Hi & Thanks for reminding me about WWDC :thumb: :) I must admit it's the only thing i forgot to include when i last reinstalled XP :( Funny how we can forget things, especially as i've recommended it lots of times on here over the years to others ! I'm sure i even had it on 98SE too, & recommended it then as well.

    It's in now

    wwdc.png

    All the other items were already disabled ;) Except, as i mentioned earlier, i had already done the Wins trick for NetBios, but WWDC showed it could still disable it in some way/s ? I guess it made extra REG changes ?
     
Loading...
Thread Status:
Not open for further replies.